HCoop / hcoop / debian / openafs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Import Upstream version 1.8.5
[hcoop/debian/openafs.git] / src / JAVA / classes / org / openafs / jafs / ACL.java
CommitLineData
805e021f
CE		 1/*
2 * @(#)ACL.java 2.0 04/18/2001
3 *
4 * Copyright (c) 2001 International Business Machines Corp.
5 * All rights reserved.
6 *
7 * This software has been released under the terms of the IBM Public
8 * License. For details, see the LICENSE file in the top-level source
9 * directory or online at http://www.openafs.org/dl/license10.html
10 *
11 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
12 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
13 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
14 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
15 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
16 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
17 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
18 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
19 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
20 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
21 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
22 */
23
24package org.openafs.jafs;
25
26import java.io.Serializable;
27import java.util.ArrayList;
28import java.util.StringTokenizer;
29
30/**
31 * An abstract representation of AFS file and directory pathnames.
32 *
33 * This class is an extension of the standard Java File class with file-based
34 * manipulation methods overridden by integrated AFS native methods.
35 *
36 * @version 2.0, 04/18/2001 - Completely revised class for efficiency.
37 */
38
39public class ACL implements Serializable, Comparable
40{
41 protected ACL.Entry[] positiveEntries;
42 protected ACL.Entry[] negativeEntries;
43 protected String path;
44
45 public ACL(String path) throws AFSException
46 {
47 this(path,true);
48 }
49
50public ACL(String path, boolean init) throws AFSException {
51 int numberPositiveEntries = 0;
52 int numberNegativeEntries = 0;
53 ACL.Entry aclEntry;
54 String buffer;
55 this.path = path;
56
57 if (init) {
58
59 StringTokenizer st = new StringTokenizer(getACLString(path), "\n\t");
60
61 buffer = st.nextToken();
62 numberPositiveEntries = new Integer(buffer).intValue();
63 positiveEntries = new ACL.Entry[numberPositiveEntries];
64
65 buffer = st.nextToken();
66 numberNegativeEntries = new Integer(buffer).intValue();
67 negativeEntries = new ACL.Entry[numberNegativeEntries];
68
69 for (int i = 0; i < numberPositiveEntries; i++) {
70 aclEntry = new ACL.Entry();
71 aclEntry.setUser(st.nextToken());
72 aclEntry.setPermissions(new Integer(st.nextToken()).intValue());
73 positiveEntries[i] = aclEntry;
74 }
75
76 for (int i = 0; i < numberNegativeEntries; i++) {
77 aclEntry = new ACL.Entry();
78 aclEntry.setUser(st.nextToken());
79 aclEntry.setPermissions(new Integer(st.nextToken()).intValue());
80 negativeEntries[i] = aclEntry;
81 }
82 }else{
83 positiveEntries = new ACL.Entry[numberPositiveEntries];
84 negativeEntries = new ACL.Entry[numberNegativeEntries];
85 }
86}
87 public int getEntryCount()
88 {
89 return positiveEntries.length + positiveEntries.length;
90 }
91 public String getPath()
92 {
93 return path;
94 }
95 public void setPath(String path)
96 {
97 this.path= path;
98 }
99 public ACL.Entry[] getPositiveEntries()
100 {
101 return positiveEntries;
102 }
103 public void addPositiveEntry(ACL.Entry entry) throws AFSException
104 {
105 int n = positiveEntries.length;
106 ACL.Entry[] e = new ACL.Entry[n + 1];
107 System.arraycopy(positiveEntries, 0, e, 0, n);
108 e[n] = entry;
109 positiveEntries = e;
110 setACLString(path, getFormattedString());
111 }
112 public void setPositiveEntries(ACL.Entry[] entries) throws AFSException
113 {
114 this.positiveEntries = entries;
115 setACLString(path, getFormattedString());
116 }
117 public ACL.Entry[] getNegativeEntries()
118 {
119 return negativeEntries;
120 }
121 public void addNegativeEntry(ACL.Entry entry) throws AFSException
122 {
123 int n = negativeEntries.length;
124 ACL.Entry[] e = new ACL.Entry[n + 1];
125 System.arraycopy(negativeEntries, 0, e, 0, n);
126 e[n] = entry;
127 negativeEntries = e;
128 setACLString(path, getFormattedString());
129 }
130
131 public void addAllNegativeEntrys(ACL.Entry[] entry) throws AFSException
132 {
133 int n = negativeEntries.length;
134 ACL.Entry[] e = new ACL.Entry[n + entry.length];
135 System.arraycopy(negativeEntries, 0, e, 0, n);
136 System.arraycopy(entry,0,e,n,entry.length);
137
138 negativeEntries = e;
139 setACLString(path, getFormattedString());
140
141 }
142
143 public void addAllPositiveEntrys(ACL.Entry[] entry) throws AFSException
144 {
145 int n = positiveEntries.length;
146 ACL.Entry[] e = new ACL.Entry[n + entry.length];
147 System.arraycopy(positiveEntries, 0, e, 0, n);
148 System.arraycopy(entry,0,e,n,entry.length);
149
150 positiveEntries = e;
151 setACLString(path, getFormattedString());
152
153 }
154 public void setNegativeEntries(ACL.Entry[] entries) throws AFSException
155 {
156 this.negativeEntries = entries;
157 setACLString(path, getFormattedString());
158 }
159
160 /**
161 * Needs a AFS Connection
162 */
163 public void flush() throws AFSException
164 {
165 setACLString(path, getFormattedString());
166 }
167
168 /**
169 * removes a ACL Entry from acl
170 */
171 public void removeNegativeEntry(Entry entry) throws AFSException {
172
173 ArrayList arr = new ArrayList();
174
175 for (int i = 0; i < negativeEntries.length; i++) {
176
177 if(!negativeEntries[i].equals(entry)){
178 arr.add(negativeEntries[i]);
179 }
180 }
181 negativeEntries = (ACL.Entry[]) arr.toArray(new ACL.Entry[arr.size()]);
182
183 setACLString(path, getFormattedString());
184 }
185
186 /**
187 * removes all ACL Entrys from acl
188 */
189 public void removeAllNegativeEntrys() throws AFSException {
190 negativeEntries = new Entry[0];
191 setACLString(path, getFormattedString());
192 }
193
194 /**
195 * removes all ACL Entrys from acl
196 */
197 public void removeAllPositiveEntrys() throws AFSException {
198 positiveEntries = new Entry[0];
199 setACLString(path, getFormattedString());
200 }
201
202
203 public boolean containsNegative(Entry entry) {
204
205 for (int i = 0; i < negativeEntries.length; i++) {
206
207 if(negativeEntries[i].equals(entry)){
208 return true;
209 }
210 }
211 return false;
212 }
213
214
215 public Entry getNegative(String entryname) {
216
217 for (int i = 0; i < negativeEntries.length; i++) {
218
219 if(negativeEntries[i].getUser().equalsIgnoreCase(entryname)){
220 return negativeEntries[i];
221 }
222 }
223 return null;
224 }
225
226 public Entry getPositive(String entryname) {
227
228 for (int i = 0; i < positiveEntries.length; i++) {
229
230 if(positiveEntries[i].getUser().equalsIgnoreCase(entryname)){
231 return positiveEntries[i];
232 }
233 }
234 return null;
235 }
236 public boolean containsPositive(Entry entry) {
237
238 for (int i = 0; i < positiveEntries.length; i++) {
239
240 if(positiveEntries[i].equals(entry)){
241 return true;
242 }
243 }
244 return false;
245 }
246
247 /**
248 * removes a ACL Entry from acl
249 */
250 public void removePositiveEntry(Entry entry) throws AFSException {
251
252 ArrayList arr = new ArrayList();
253
254 for (int i = 0; i < positiveEntries.length; i++) {
255
256 if(!positiveEntries[i].equals(entry)){
257 arr.add(positiveEntries[i]);
258 }
259 }
260 positiveEntries = (ACL.Entry[]) arr.toArray(new ACL.Entry[arr.size()]);
261 setACLString(path, getFormattedString());
262 }
263
264 private ACL.Entry[] getNonEmptyEntries(ACL.Entry[] entries)
265 {
266 ArrayList response = new ArrayList(entries.length);
267 for (int i = 0; i < entries.length; i++)
268 {
269 boolean isNonEmpty = entries[i].canRead() ||
270 entries[i].canLookup() ||
271 entries[i].canWrite() ||
272 entries[i].canInsert() ||
273 entries[i].canDelete() ||
274 entries[i].canLock() ||
275 entries[i].canAdmin();
276 if (isNonEmpty) response.add(entries[i]);
277 }
278 if (response.size() == entries.length) return entries;
279 return (ACL.Entry[])response.toArray(new ACL.Entry[response.size()]);
280 }
281
282 private void entriesToString(ACL.Entry[] entries, StringBuffer response)
283 {
284 for (int i = 0; i < entries.length; i++)
285 {
286 this.entryToString((ACL.Entry)entries[i], response);
287 }
288 }
289
290 private void entryToString(ACL.Entry entry, StringBuffer response)
291 {
292 response.append(entry.getUser() + '\t' + entry.getPermissionsMask() + '\n');
293 }
294
295 /**
296 * Returns a ViceIoctl formatted String representation of this
297 * <CODE>ACL</CODE>.
298 *
299 * @return a ViceIoctl formatted String representation of this
300 * <CODE>ACL</CODE>.
301 */
302 private String getFormattedString()
303 {
304 StringBuffer out = null;
305 ACL.Entry[] nonEmptyPos = this.getNonEmptyEntries(this.getPositiveEntries());
306 ACL.Entry[] nonEmptyNeg = this.getNonEmptyEntries(this.getNegativeEntries());
307
308 out = new StringBuffer(nonEmptyPos.length + "\n" + nonEmptyNeg.length + "\n");
309 this.entriesToString(nonEmptyPos, out);
310 this.entriesToString(nonEmptyNeg, out);
311
312 return out.toString();
313 }
314
315 /////////////// custom override methods ////////////////////
316
317 /**
318 * Compares two ACL objects respective to their paths and does not
319 * factor any other attribute. Alphabetic case is significant in
320 * comparing names.
321 *
322 * @param acl The ACL object to be compared to this ACL
323 * instance
324 *
325 * @return Zero if the argument is equal to this ACL's path, a
326 * value less than zero if this ACL's path is
327 * lexicographically less than the argument, or a value greater
328 * than zero if this ACL's path is lexicographically
329 * greater than the argument
330 */
331 public int compareTo(ACL acl)
332 {
333 return this.getPath().compareTo(acl.getPath());
334 }
335
336 /**
337 * Comparable interface method.
338 *
339 * @see #compareTo(ACL)
340 */
341 public int compareTo(Object obj)
342 {
343 return compareTo((ACL)obj);
344 }
345
346 /**
347 * Tests whether two <code>ACL</code> objects are equal, based on their
348 * paths and permission bits.
349 *
350 * @param acl the ACL to test
351 * @return whether the specifed ACL is the same as this ACL
352 */
353 public boolean equals( ACL acl )
354 {
355 return ( (this.getPath().equals(acl.getPath())) &&
356 (positiveEntries.equals(acl.getPositiveEntries())) &&
357 (negativeEntries.equals(acl.getNegativeEntries())) );
358 }
359
360 /**
361 * Returns a String representation of this <CODE>ACL</CODE>
362 *
363 * @return a String representation of this <CODE>ACL</CODE>
364 */
365 public String toString()
366 {
367 ACL.Entry[] nonEmptyPos = this.getNonEmptyEntries(this.getPositiveEntries());
368 ACL.Entry[] nonEmptyNeg = this.getNonEmptyEntries(this.getNegativeEntries());
369
370 StringBuffer out = new StringBuffer("ACL for ");
371 out.append(path);
372 out.append("\n");
373 out.append("Positive Entries:\n");
374 for (int i = 0; i < nonEmptyPos.length; i++) {
375 out.append(" ");
376 out.append(nonEmptyPos[i].toString());
377 }
378 if (nonEmptyNeg.length > 0) {
379 out.append("Negative Entries:\n");
380 for (int i = 0; i < nonEmptyNeg.length; i++) {
381 out.append(" ");
382 out.append(nonEmptyNeg[i].toString());
383 }
384 }
385
386 return out.toString();
387 }
388
389 /////////////// native methods ////////////////////
390
391 /**
392 * Returns a formatted String representing the ACL for the specified path.
393 *
394 * The string format is in the form of a ViceIoctl and is as follows:
395 * printf("%d\n%d\n", positiveEntriesCount, negativeEntriesCount);
396 * printf("%s\t%d\n", userOrGroupName, rightsMask);
397 *
398 * @param path the directory path
399 * @returns a formatted String representing the ACL for the specified path.
400 * @throws an AFSException if an AFS or JNI exception is encountered.
401 */
402 private native String getACLString(String path) throws AFSException;
403
404 /**
405 * Sets the ACL in the file system according to this abstract representation.
406 *
407 * @param path the directory path
408 * @param aclString string representation of ACL to be set
409 * @throws an AFSException if an AFS or JNI exception is encountered.
410 */
411 private native void setACLString(String path, String aclString) throws AFSException;
412
413 /*====================================================================*/
414 /* INNER CLASSES */
415 /*====================================================================*/
416
417 /**
418 * AFS ACL Entry Class.
419 *
420 * <p> Documentation reference:
421 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ772">Managing Access Control Lists</A>
422 *
423 * @version 2.0, 04/18/2001 - Completely revised class for efficiency.
424 * @version 3.0, 05/01/2002 - Converted class to an inner class.
425 */
426 public static final class Entry implements Serializable
427 {
428 /** ACL Mask read constant */
429 public static final int READ = 1;
430 /** ACL Mask write constant */
431 public static final int WRITE = 2;
432 /** ACL Mask insert constant */
433 public static final int INSERT = 4;
434 /** ACL Mask lookup constant */
435 public static final int LOOKUP = 8;
436 /** ACL Mask delete constant */
437 public static final int DELETE = 16;
438 /** ACL Mask lock constant */
439 public static final int LOCK = 32;
440 /** ACL Mask administer constant */
441 public static final int ADMIN = 64;
442
443 private String username;
444
445 private boolean r = false;
446 private boolean l = false;
447 private boolean i = false;
448 private boolean d = false;
449 private boolean w = false;
450 private boolean k = false;
451 private boolean a = false;
452
453 /**
454 * Constructs a new ACL entry with all permission bits set to <code>false</code>.
455 */
456 public Entry()
457 {
458 }
459 /**
460 * Constructs a new ACL entry with all permission bits set to <code>false</code>
461 * and sets the associated user or group name.
462 *
463 * @param user The user or group name associated with this entry
464 */
465 public Entry(String user)
466 {
467 this.setUser(user);
468 }
469 /**
470 * Constructs a new ACL entry setting each permission bit to its appropriate
471 * value according to the <code>permissionsMask</code> specified.
472 *
473 * @see #canRead
474 * @see #canWrite
475 * @see #canInsert
476 * @see #canLookup
477 * @see #canDelete
478 * @see #canLock
479 * @see #canAdmin
480 * @param permissionsMask An integer representation of the permissoin
481 * rights of this entry
482 */
483 public Entry(int permissionsMask)
484 {
485 this.setPermissions(permissionsMask);
486 }
487 /**
488 * Constructs a new ACL entry setting each permission bit to its appropriate
489 * value according to the <code>permissionsMask</code> specified
490 * and sets the associated user or group name.
491 *
492 * @see #canRead
493 * @see #canWrite
494 * @see #canInsert
495 * @see #canLookup
496 * @see #canDelete
497 * @see #canLock
498 * @see #canAdmin
499 * @see #setUser
500 * @param permissionsMask An integer representation of the permissoin
501 * rights of this entry
502 * @param user The username or group associated with this entry
503 */
504 public Entry(String user, int permissionsMask)
505 {
506 this.setUser(user);
507 this.setPermissions(permissionsMask);
508 }
509 /*-------------------------------------------------------------------------*/
510 /**
511 * Set this entry's permission bits according to the value of the
512 * <code>permissionsMask</code> specified.
513 *
514 * @see #getPermissionsMask
515 * @param permissionsMask An integer representation of the permissoin
516 * rights of this entry
517 */
518 public void setPermissions(int permissionsMask)
519 {
520 if ((permissionsMask & READ) != 0) {
521 this.setRead(true);
522 }
523 if ((permissionsMask & LOOKUP) != 0) {
524 this.setLookup(true);
525 }
526 if ((permissionsMask & INSERT) != 0) {
527 this.setInsert(true);
528 }
529 if ((permissionsMask & DELETE) != 0) {
530 this.setDelete(true);
531 }
532 if ((permissionsMask & WRITE) != 0) {
533 this.setWrite(true);
534 }
535 if ((permissionsMask & LOCK) != 0) {
536 this.setLock(true);
537 }
538 if ((permissionsMask & ADMIN) != 0) {
539 this.setAdmin(true);
540 }
541 }
542 /**
543 * Returns this entry's permission mask.
544 *
545 * <p> <B>Permission Mask</B><BR>
546 * 01 - READ <BR>
547 * 02 - WRITE <BR>
548 * 04 - INSERT<BR>
549 * 08 - LOOKUP<BR>
550 * 16 - DELETE<BR>
551 * 32 - LOCK <BR>
552 * 64 - ADMIN <BR>
553 *
554 * <p> Any combination of the above mask values would equate to a valid combination of
555 * permission settings. For example, if the permission mask was <B>11</B>, the ACL permissions
556 * would be as follows: <code>read</code> (1), <code>write</code> (2), and <code>lookup</code> (8).<BR>
557 * [1 + 2 + 8 = 11]
558 *
559 * @return An integer representation (mask) of the permissoin rights of this entry
560 */
561 public int getPermissionsMask()
562 {
563 int permissionsMask = 0;
564 if (canRead()) permissionsMask |= READ;
565 if (canWrite()) permissionsMask |= WRITE;
566 if (canInsert()) permissionsMask |= INSERT;
567 if (canLookup()) permissionsMask |= LOOKUP;
568 if (canDelete()) permissionsMask |= DELETE;
569 if (canLock()) permissionsMask |= LOCK;
570 if (canAdmin()) permissionsMask |= ADMIN;
571 return permissionsMask;
572 }
573 /**
574 * Returns the user <B>or</B> group name associated with this ACL entry.
575 *
576 * @return String representation of the user or group name associated with this entry.
577 */
578 public String getUser()
579 {
580 return username;
581 }
582 /**
583 * Sets the user <B>or</B> group name associated with this ACL entry.
584 *
585 * @param user representation of the user or group name associated with this entry.
586 */
587 public void setUser(String user)
588 {
589 username = user;
590 }
591 /**
592 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>read</code> access.
593 *
594 * <p> This permission enables a user to read the contents of files in the directory
595 * and to obtain complete status information for the files (read/retrieve the file
596 * attributes).
597 *
598 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
599 * This permission is meaningful with respect to files in
600 * a directory, rather than the directory itself or its subdirectories.
601 *
602 * <p> Documentation reference:
603 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
604 *
605 * @return <code>true</code> if and only if the ACL permits <code>read</code> access of
606 * files; <code>false</code> otherwise
607 */
608 public boolean canRead()
609 {
610 return r;
611 }
612 /**
613 * Sets the ACL permission to accomodate <code>read</code> access for files.
614 *
615 * @see #canRead
616 * @param flag boolean flag that denotes the permission bit for <code>read</code> access.
617 */
618 public void setRead(boolean flag)
619 {
620 r = flag;
621 }
622 /**
623 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits lookup access.
624 *
625 * <p> This permission functions as something of a gate keeper for access to the directory
626 * and its files, because a user must have it in order to exercise any other permissions.
627 * In particular, a user must have this permission to access anything in the directory's
628 * subdirectories, even if the ACL on a subdirectory grants extensive permissions.
629 *
630 * <p> This permission enables a user to list the names of the files and subdirectories in
631 * the directory (this does not permit read access to its respective entries), obtain
632 * complete status information for the directory element itself, and examine the directory's
633 * ACL.
634 *
635 * <p> This permission does not enable a user to read the contents of a file in the
636 * directory.
637 *
638 * <p> Similarly, this permission does not enable a user to lookup the contents of,
639 * obtain complete status information for, or examine the ACL of the subdirectory of
640 * the directory. Those operations require the <code>lookup</code> permission on the ACL
641 * of the subdirectory itself.
642 *
643 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
644 * This permission is meaningful with respect to the
645 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
646 * does not control addition of data to a file, but rather creation of a new file or
647 * subdirectory.
648 *
649 * <p> Documentation reference:
650 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
651 *
652 * @return <code>true</code> if and only if the ACL permits <code>lookup</code> access for
653 * directories; <code>false</code> otherwise
654 */
655 public boolean canLookup()
656 {
657 return l;
658 }
659 /**
660 * Sets the ACL permission to accomodate <code>lookup</code> access for directories.
661 *
662 * @see #canLookup
663 * @param flag boolean flag that denotes the permission bit for <code>lookup</code> access.
664 */
665 public void setLookup(boolean flag)
666 {
667 l = flag;
668 }
669 /**
670 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>insert</code> access.
671 *
672 * <p> This permission enables a user to add new files to the directory, either by creating
673 * or copying, and to create new subdirectories. It does not extend into any subdirectories,
674 * which are protected by their own ACLs.
675 *
676 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
677 * This permission is meaningful with respect to the
678 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
679 * does not control addition of data to a file, but rather creation of a new file or
680 * subdirectory.
681 *
682 * <p> Documentation reference:
683 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
684 *
685 * @return <code>true</code> if and only if the ACL permits <code>insert</code> access for
686 * directories; <code>false</code> otherwise
687 */
688 public boolean canInsert()
689 {
690 return i;
691 }
692 /**
693 * Sets the ACL permission to accomodate <code>insert</code> access for directories.
694 *
695 * @see #canInsert
696 * @param flag boolean flag that denotes the permission bit for <code>insert</code> access.
697 */
698 public void setInsert(boolean flag)
699 {
700 i = flag;
701 }
702 /**
703 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>delete</code> access.
704 *
705 * <p> This permission enables a user to remove files and subdirectories from the directory
706 * or move them into other directories (assuming that the user has the <code>insert</code>
707 * (see: {@link #canInsert}) permission on the ACL of the other directories).
708 *
709 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
710 * This permission is meaningful with respect to the
711 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
712 * does not control addition of data to a file, but rather creation of a new file or
713 * subdirectory.
714 *
715 * <p> Documentation reference:
716 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
717 *
718 * @return <code>true</code> if and only if the ACL permits <code>delete</code> access for
719 * directories; <code>false</code> otherwise
720 */
721 public boolean canDelete()
722 {
723 return d;
724 }
725 /**
726 * Sets the ACL permission to accomodate <code>delete</code> access for directories.
727 *
728 * @see #canDelete
729 * @param flag boolean flag that denotes the permission bit for <code>delete</code> rights.
730 */
731 public void setDelete(boolean flag)
732 {
733 d = flag;
734 }
735 /**
736 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>write</code> access.
737 *
738 * <p> This permission enables a user to modify the contents of files in the directory
739 * and to change their operating system specific mode bits.
740 *
741 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
742 * This permission is meaningful with respect to files in
743 * a directory, rather than the directory itself or its subdirectories.
744 *
745 * <p> Documentation reference:
746 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
747 *
748 * @return <code>true</code> if and only if the ACL permits <code>write</code> access for
749 * files; <code>false</code> otherwise
750 */
751 public boolean canWrite()
752 {
753 return w;
754 }
755 /**
756 * Sets the ACL permission to accomodate <code>write</code> access for files.
757 *
758 * @see #canWrite
759 * @param flag boolean flag that denotes the permission bit for <code>write</code> access.
760 */
761 public void setWrite(boolean flag)
762 {
763 w = flag;
764 }
765 /**
766 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits the <code>lock</code> authority.
767 *
768 * <p> This permission enables the user to run programs that issue system calls to
769 * lock files in the directory.
770 *
771 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
772 * This permission is meaningful with respect to files in
773 * a directory, rather than the directory itself or its subdirectories.
774 *
775 * <p> Documentation reference:
776 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
777 *
778 * @return <code>true</code> if and only if the ACL permits <code>lock</code> authority for
779 * files; <code>false</code> otherwise
780 */
781 public boolean canLock()
782 {
783 return k;
784 }
785 /**
786 * Sets the ACL permission to accomodate <code>lock</code> access for files.
787 *
788 * @see #canLock
789 * @param flag boolean flag that denotes the permission bit for <code>lock</code> rights.
790 */
791 public void setLock(boolean flag)
792 {
793 k = flag;
794 }
795 /**
796 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>administer</code> access.
797 *
798 * <p> This permission enables a user to change the directory's ACL. Members of the
799 * <code>system:administrators</code> group implicitly have this permission on every
800 * directory (that is, even if that group does not appear on the ACL). Similarly, the
801 * owner of a directory implicitly has this permission on its ACL and those of all
802 * directories below it that he or she owns.
803 *
804 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
805 * This permission is meaningful with respect to the
806 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
807 * does not control addition of data to a file, but rather creation of a new file or
808 * subdirectory.
809 *
810 * <p> Documentation reference:
811 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
812 *
813 * @return <code>true</code> if and only if the ACL permits <code>administer</code> access for
814 * directories; <code>false</code> otherwise
815 */
816 public boolean canAdmin()
817 {
818 return a;
819 }
820 /**
821 * Sets the ACL permission to accomodate <code>administer</code> rights for directories.
822 *
823 * @see #canAdmin
824 * @param flag boolean flag that denotes the permission bit for <code>administer</code> rights.
825 */
826 public void setAdmin(boolean flag)
827 {
828 a = flag;
829 }
830
831 /////////////// custom override methods ////////////////////
832
833 /**
834 * Tests whether two <code>ACL.Entry</code> objects are equal, based on associated
835 * username and permission bits.
836 *
837 * @param entry the ACL.Entry to test
838 * @return whether the specifed ACL.Entry is the same as this ACL.Entry
839 */
840 public boolean equals( ACL.Entry entry )
841 {
842 return ( (this.getUser().equals( entry.getUser() )) &&
843 (this.getPermissionsMask() == entry.getPermissionsMask()) );
844 }
845
846 /**
847 * Returns a String representation of this <CODE>ACL.Entry</CODE>
848 *
849 * @return a String representation of this <CODE>ACL.Entry</CODE>
850 */
851 public String toString()
852 {
853 StringBuffer out = new StringBuffer(username);
854 out.append("\t");
855 if (r) out.append("r");
856 if (l) out.append("l");
857 if (i) out.append("i");
858 if (d) out.append("d");
859 if (w) out.append("w");
860 if (k) out.append("k");
861 if (a) out.append("a");
862 out.append("\n");
863 return out.toString();
864 }
865
866 }
867}
868
869
870
871
872
873
874
875
876
openafs packaging