2 * @(#)ACL.java 2.0 04/18/2001
4 * Copyright (c) 2001 International Business Machines Corp.
7 * This software has been released under the terms of the IBM Public
8 * License. For details, see the LICENSE file in the top-level source
9 * directory or online at http://www.openafs.org/dl/license10.html
11 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
12 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
13 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
14 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
15 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
16 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
17 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
18 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
19 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
20 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
21 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 package org
.openafs
.jafs
;
26 import java
.io
.Serializable
;
27 import java
.util
.ArrayList
;
28 import java
.util
.StringTokenizer
;
31 * An abstract representation of AFS file and directory pathnames.
33 * This class is an extension of the standard Java File class with file-based
34 * manipulation methods overridden by integrated AFS native methods.
36 * @version 2.0, 04/18/2001 - Completely revised class for efficiency.
39 public class ACL
implements Serializable
, Comparable
41 protected ACL
.Entry
[] positiveEntries
;
42 protected ACL
.Entry
[] negativeEntries
;
43 protected String path
;
45 public ACL(String path
) throws AFSException
50 public ACL(String path
, boolean init
) throws AFSException
{
51 int numberPositiveEntries
= 0;
52 int numberNegativeEntries
= 0;
59 StringTokenizer st
= new StringTokenizer(getACLString(path
), "\n\t");
61 buffer
= st
.nextToken();
62 numberPositiveEntries
= new Integer(buffer
).intValue();
63 positiveEntries
= new ACL
.Entry
[numberPositiveEntries
];
65 buffer
= st
.nextToken();
66 numberNegativeEntries
= new Integer(buffer
).intValue();
67 negativeEntries
= new ACL
.Entry
[numberNegativeEntries
];
69 for (int i
= 0; i
< numberPositiveEntries
; i
++) {
70 aclEntry
= new ACL
.Entry();
71 aclEntry
.setUser(st
.nextToken());
72 aclEntry
.setPermissions(new Integer(st
.nextToken()).intValue());
73 positiveEntries
[i
] = aclEntry
;
76 for (int i
= 0; i
< numberNegativeEntries
; i
++) {
77 aclEntry
= new ACL
.Entry();
78 aclEntry
.setUser(st
.nextToken());
79 aclEntry
.setPermissions(new Integer(st
.nextToken()).intValue());
80 negativeEntries
[i
] = aclEntry
;
83 positiveEntries
= new ACL
.Entry
[numberPositiveEntries
];
84 negativeEntries
= new ACL
.Entry
[numberNegativeEntries
];
87 public int getEntryCount()
89 return positiveEntries
.length
+ positiveEntries
.length
;
91 public String
getPath()
95 public void setPath(String path
)
99 public ACL
.Entry
[] getPositiveEntries()
101 return positiveEntries
;
103 public void addPositiveEntry(ACL
.Entry entry
) throws AFSException
105 int n
= positiveEntries
.length
;
106 ACL
.Entry
[] e
= new ACL
.Entry
[n
+ 1];
107 System
.arraycopy(positiveEntries
, 0, e
, 0, n
);
110 setACLString(path
, getFormattedString());
112 public void setPositiveEntries(ACL
.Entry
[] entries
) throws AFSException
114 this.positiveEntries
= entries
;
115 setACLString(path
, getFormattedString());
117 public ACL
.Entry
[] getNegativeEntries()
119 return negativeEntries
;
121 public void addNegativeEntry(ACL
.Entry entry
) throws AFSException
123 int n
= negativeEntries
.length
;
124 ACL
.Entry
[] e
= new ACL
.Entry
[n
+ 1];
125 System
.arraycopy(negativeEntries
, 0, e
, 0, n
);
128 setACLString(path
, getFormattedString());
131 public void addAllNegativeEntrys(ACL
.Entry
[] entry
) throws AFSException
133 int n
= negativeEntries
.length
;
134 ACL
.Entry
[] e
= new ACL
.Entry
[n
+ entry
.length
];
135 System
.arraycopy(negativeEntries
, 0, e
, 0, n
);
136 System
.arraycopy(entry
,0,e
,n
,entry
.length
);
139 setACLString(path
, getFormattedString());
143 public void addAllPositiveEntrys(ACL
.Entry
[] entry
) throws AFSException
145 int n
= positiveEntries
.length
;
146 ACL
.Entry
[] e
= new ACL
.Entry
[n
+ entry
.length
];
147 System
.arraycopy(positiveEntries
, 0, e
, 0, n
);
148 System
.arraycopy(entry
,0,e
,n
,entry
.length
);
151 setACLString(path
, getFormattedString());
154 public void setNegativeEntries(ACL
.Entry
[] entries
) throws AFSException
156 this.negativeEntries
= entries
;
157 setACLString(path
, getFormattedString());
161 * Needs a AFS Connection
163 public void flush() throws AFSException
165 setACLString(path
, getFormattedString());
169 * removes a ACL Entry from acl
171 public void removeNegativeEntry(Entry entry
) throws AFSException
{
173 ArrayList arr
= new ArrayList();
175 for (int i
= 0; i
< negativeEntries
.length
; i
++) {
177 if(!negativeEntries
[i
].equals(entry
)){
178 arr
.add(negativeEntries
[i
]);
181 negativeEntries
= (ACL
.Entry
[]) arr
.toArray(new ACL
.Entry
[arr
.size()]);
183 setACLString(path
, getFormattedString());
187 * removes all ACL Entrys from acl
189 public void removeAllNegativeEntrys() throws AFSException
{
190 negativeEntries
= new Entry
[0];
191 setACLString(path
, getFormattedString());
195 * removes all ACL Entrys from acl
197 public void removeAllPositiveEntrys() throws AFSException
{
198 positiveEntries
= new Entry
[0];
199 setACLString(path
, getFormattedString());
203 public boolean containsNegative(Entry entry
) {
205 for (int i
= 0; i
< negativeEntries
.length
; i
++) {
207 if(negativeEntries
[i
].equals(entry
)){
215 public Entry
getNegative(String entryname
) {
217 for (int i
= 0; i
< negativeEntries
.length
; i
++) {
219 if(negativeEntries
[i
].getUser().equalsIgnoreCase(entryname
)){
220 return negativeEntries
[i
];
226 public Entry
getPositive(String entryname
) {
228 for (int i
= 0; i
< positiveEntries
.length
; i
++) {
230 if(positiveEntries
[i
].getUser().equalsIgnoreCase(entryname
)){
231 return positiveEntries
[i
];
236 public boolean containsPositive(Entry entry
) {
238 for (int i
= 0; i
< positiveEntries
.length
; i
++) {
240 if(positiveEntries
[i
].equals(entry
)){
248 * removes a ACL Entry from acl
250 public void removePositiveEntry(Entry entry
) throws AFSException
{
252 ArrayList arr
= new ArrayList();
254 for (int i
= 0; i
< positiveEntries
.length
; i
++) {
256 if(!positiveEntries
[i
].equals(entry
)){
257 arr
.add(positiveEntries
[i
]);
260 positiveEntries
= (ACL
.Entry
[]) arr
.toArray(new ACL
.Entry
[arr
.size()]);
261 setACLString(path
, getFormattedString());
264 private ACL
.Entry
[] getNonEmptyEntries(ACL
.Entry
[] entries
)
266 ArrayList response
= new ArrayList(entries
.length
);
267 for (int i
= 0; i
< entries
.length
; i
++)
269 boolean isNonEmpty
= entries
[i
].canRead() ||
270 entries
[i
].canLookup() ||
271 entries
[i
].canWrite() ||
272 entries
[i
].canInsert() ||
273 entries
[i
].canDelete() ||
274 entries
[i
].canLock() ||
275 entries
[i
].canAdmin();
276 if (isNonEmpty
) response
.add(entries
[i
]);
278 if (response
.size() == entries
.length
) return entries
;
279 return (ACL
.Entry
[])response
.toArray(new ACL
.Entry
[response
.size()]);
282 private void entriesToString(ACL
.Entry
[] entries
, StringBuffer response
)
284 for (int i
= 0; i
< entries
.length
; i
++)
286 this.entryToString((ACL
.Entry
)entries
[i
], response
);
290 private void entryToString(ACL
.Entry entry
, StringBuffer response
)
292 response
.append(entry
.getUser() + '\t' + entry
.getPermissionsMask() + '\n');
296 * Returns a ViceIoctl formatted String representation of this
299 * @return a ViceIoctl formatted String representation of this
302 private String
getFormattedString()
304 StringBuffer out
= null;
305 ACL
.Entry
[] nonEmptyPos
= this.getNonEmptyEntries(this.getPositiveEntries());
306 ACL
.Entry
[] nonEmptyNeg
= this.getNonEmptyEntries(this.getNegativeEntries());
308 out
= new StringBuffer(nonEmptyPos
.length
+ "\n" + nonEmptyNeg
.length
+ "\n");
309 this.entriesToString(nonEmptyPos
, out
);
310 this.entriesToString(nonEmptyNeg
, out
);
312 return out
.toString();
315 /////////////// custom override methods ////////////////////
318 * Compares two ACL objects respective to their paths and does not
319 * factor any other attribute. Alphabetic case is significant in
322 * @param acl The ACL object to be compared to this ACL
325 * @return Zero if the argument is equal to this ACL's path, a
326 * value less than zero if this ACL's path is
327 * lexicographically less than the argument, or a value greater
328 * than zero if this ACL's path is lexicographically
329 * greater than the argument
331 public int compareTo(ACL acl
)
333 return this.getPath().compareTo(acl
.getPath());
337 * Comparable interface method.
339 * @see #compareTo(ACL)
341 public int compareTo(Object obj
)
343 return compareTo((ACL
)obj
);
347 * Tests whether two <code>ACL</code> objects are equal, based on their
348 * paths and permission bits.
350 * @param acl the ACL to test
351 * @return whether the specifed ACL is the same as this ACL
353 public boolean equals( ACL acl
)
355 return ( (this.getPath().equals(acl
.getPath())) &&
356 (positiveEntries
.equals(acl
.getPositiveEntries())) &&
357 (negativeEntries
.equals(acl
.getNegativeEntries())) );
361 * Returns a String representation of this <CODE>ACL</CODE>
363 * @return a String representation of this <CODE>ACL</CODE>
365 public String
toString()
367 ACL
.Entry
[] nonEmptyPos
= this.getNonEmptyEntries(this.getPositiveEntries());
368 ACL
.Entry
[] nonEmptyNeg
= this.getNonEmptyEntries(this.getNegativeEntries());
370 StringBuffer out
= new StringBuffer("ACL for ");
373 out
.append("Positive Entries:\n");
374 for (int i
= 0; i
< nonEmptyPos
.length
; i
++) {
376 out
.append(nonEmptyPos
[i
].toString());
378 if (nonEmptyNeg
.length
> 0) {
379 out
.append("Negative Entries:\n");
380 for (int i
= 0; i
< nonEmptyNeg
.length
; i
++) {
382 out
.append(nonEmptyNeg
[i
].toString());
386 return out
.toString();
389 /////////////// native methods ////////////////////
392 * Returns a formatted String representing the ACL for the specified path.
394 * The string format is in the form of a ViceIoctl and is as follows:
395 * printf("%d\n%d\n", positiveEntriesCount, negativeEntriesCount);
396 * printf("%s\t%d\n", userOrGroupName, rightsMask);
398 * @param path the directory path
399 * @returns a formatted String representing the ACL for the specified path.
400 * @throws an AFSException if an AFS or JNI exception is encountered.
402 private native String
getACLString(String path
) throws AFSException
;
405 * Sets the ACL in the file system according to this abstract representation.
407 * @param path the directory path
408 * @param aclString string representation of ACL to be set
409 * @throws an AFSException if an AFS or JNI exception is encountered.
411 private native void setACLString(String path
, String aclString
) throws AFSException
;
413 /*====================================================================*/
415 /*====================================================================*/
418 * AFS ACL Entry Class.
420 * <p> Documentation reference:
421 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ772">Managing Access Control Lists</A>
423 * @version 2.0, 04/18/2001 - Completely revised class for efficiency.
424 * @version 3.0, 05/01/2002 - Converted class to an inner class.
426 public static final class Entry
implements Serializable
428 /** ACL Mask read constant */
429 public static final int READ
= 1;
430 /** ACL Mask write constant */
431 public static final int WRITE
= 2;
432 /** ACL Mask insert constant */
433 public static final int INSERT
= 4;
434 /** ACL Mask lookup constant */
435 public static final int LOOKUP
= 8;
436 /** ACL Mask delete constant */
437 public static final int DELETE
= 16;
438 /** ACL Mask lock constant */
439 public static final int LOCK
= 32;
440 /** ACL Mask administer constant */
441 public static final int ADMIN
= 64;
443 private String username
;
445 private boolean r
= false;
446 private boolean l
= false;
447 private boolean i
= false;
448 private boolean d
= false;
449 private boolean w
= false;
450 private boolean k
= false;
451 private boolean a
= false;
454 * Constructs a new ACL entry with all permission bits set to <code>false</code>.
460 * Constructs a new ACL entry with all permission bits set to <code>false</code>
461 * and sets the associated user or group name.
463 * @param user The user or group name associated with this entry
465 public Entry(String user
)
470 * Constructs a new ACL entry setting each permission bit to its appropriate
471 * value according to the <code>permissionsMask</code> specified.
480 * @param permissionsMask An integer representation of the permissoin
481 * rights of this entry
483 public Entry(int permissionsMask
)
485 this.setPermissions(permissionsMask
);
488 * Constructs a new ACL entry setting each permission bit to its appropriate
489 * value according to the <code>permissionsMask</code> specified
490 * and sets the associated user or group name.
500 * @param permissionsMask An integer representation of the permissoin
501 * rights of this entry
502 * @param user The username or group associated with this entry
504 public Entry(String user
, int permissionsMask
)
507 this.setPermissions(permissionsMask
);
509 /*-------------------------------------------------------------------------*/
511 * Set this entry's permission bits according to the value of the
512 * <code>permissionsMask</code> specified.
514 * @see #getPermissionsMask
515 * @param permissionsMask An integer representation of the permissoin
516 * rights of this entry
518 public void setPermissions(int permissionsMask
)
520 if ((permissionsMask
& READ
) != 0) {
523 if ((permissionsMask
& LOOKUP
) != 0) {
524 this.setLookup(true);
526 if ((permissionsMask
& INSERT
) != 0) {
527 this.setInsert(true);
529 if ((permissionsMask
& DELETE
) != 0) {
530 this.setDelete(true);
532 if ((permissionsMask
& WRITE
) != 0) {
535 if ((permissionsMask
& LOCK
) != 0) {
538 if ((permissionsMask
& ADMIN
) != 0) {
543 * Returns this entry's permission mask.
545 * <p> <B>Permission Mask</B><BR>
554 * <p> Any combination of the above mask values would equate to a valid combination of
555 * permission settings. For example, if the permission mask was <B>11</B>, the ACL permissions
556 * would be as follows: <code>read</code> (1), <code>write</code> (2), and <code>lookup</code> (8).<BR>
559 * @return An integer representation (mask) of the permissoin rights of this entry
561 public int getPermissionsMask()
563 int permissionsMask
= 0;
564 if (canRead()) permissionsMask
|= READ
;
565 if (canWrite()) permissionsMask
|= WRITE
;
566 if (canInsert()) permissionsMask
|= INSERT
;
567 if (canLookup()) permissionsMask
|= LOOKUP
;
568 if (canDelete()) permissionsMask
|= DELETE
;
569 if (canLock()) permissionsMask
|= LOCK
;
570 if (canAdmin()) permissionsMask
|= ADMIN
;
571 return permissionsMask
;
574 * Returns the user <B>or</B> group name associated with this ACL entry.
576 * @return String representation of the user or group name associated with this entry.
578 public String
getUser()
583 * Sets the user <B>or</B> group name associated with this ACL entry.
585 * @param user representation of the user or group name associated with this entry.
587 public void setUser(String user
)
592 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>read</code> access.
594 * <p> This permission enables a user to read the contents of files in the directory
595 * and to obtain complete status information for the files (read/retrieve the file
598 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
599 * This permission is meaningful with respect to files in
600 * a directory, rather than the directory itself or its subdirectories.
602 * <p> Documentation reference:
603 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
605 * @return <code>true</code> if and only if the ACL permits <code>read</code> access of
606 * files; <code>false</code> otherwise
608 public boolean canRead()
613 * Sets the ACL permission to accomodate <code>read</code> access for files.
616 * @param flag boolean flag that denotes the permission bit for <code>read</code> access.
618 public void setRead(boolean flag
)
623 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits lookup access.
625 * <p> This permission functions as something of a gate keeper for access to the directory
626 * and its files, because a user must have it in order to exercise any other permissions.
627 * In particular, a user must have this permission to access anything in the directory's
628 * subdirectories, even if the ACL on a subdirectory grants extensive permissions.
630 * <p> This permission enables a user to list the names of the files and subdirectories in
631 * the directory (this does not permit read access to its respective entries), obtain
632 * complete status information for the directory element itself, and examine the directory's
635 * <p> This permission does not enable a user to read the contents of a file in the
638 * <p> Similarly, this permission does not enable a user to lookup the contents of,
639 * obtain complete status information for, or examine the ACL of the subdirectory of
640 * the directory. Those operations require the <code>lookup</code> permission on the ACL
641 * of the subdirectory itself.
643 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
644 * This permission is meaningful with respect to the
645 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
646 * does not control addition of data to a file, but rather creation of a new file or
649 * <p> Documentation reference:
650 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
652 * @return <code>true</code> if and only if the ACL permits <code>lookup</code> access for
653 * directories; <code>false</code> otherwise
655 public boolean canLookup()
660 * Sets the ACL permission to accomodate <code>lookup</code> access for directories.
663 * @param flag boolean flag that denotes the permission bit for <code>lookup</code> access.
665 public void setLookup(boolean flag
)
670 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>insert</code> access.
672 * <p> This permission enables a user to add new files to the directory, either by creating
673 * or copying, and to create new subdirectories. It does not extend into any subdirectories,
674 * which are protected by their own ACLs.
676 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
677 * This permission is meaningful with respect to the
678 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
679 * does not control addition of data to a file, but rather creation of a new file or
682 * <p> Documentation reference:
683 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
685 * @return <code>true</code> if and only if the ACL permits <code>insert</code> access for
686 * directories; <code>false</code> otherwise
688 public boolean canInsert()
693 * Sets the ACL permission to accomodate <code>insert</code> access for directories.
696 * @param flag boolean flag that denotes the permission bit for <code>insert</code> access.
698 public void setInsert(boolean flag
)
703 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>delete</code> access.
705 * <p> This permission enables a user to remove files and subdirectories from the directory
706 * or move them into other directories (assuming that the user has the <code>insert</code>
707 * (see: {@link #canInsert}) permission on the ACL of the other directories).
709 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
710 * This permission is meaningful with respect to the
711 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
712 * does not control addition of data to a file, but rather creation of a new file or
715 * <p> Documentation reference:
716 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
718 * @return <code>true</code> if and only if the ACL permits <code>delete</code> access for
719 * directories; <code>false</code> otherwise
721 public boolean canDelete()
726 * Sets the ACL permission to accomodate <code>delete</code> access for directories.
729 * @param flag boolean flag that denotes the permission bit for <code>delete</code> rights.
731 public void setDelete(boolean flag
)
736 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>write</code> access.
738 * <p> This permission enables a user to modify the contents of files in the directory
739 * and to change their operating system specific mode bits.
741 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
742 * This permission is meaningful with respect to files in
743 * a directory, rather than the directory itself or its subdirectories.
745 * <p> Documentation reference:
746 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
748 * @return <code>true</code> if and only if the ACL permits <code>write</code> access for
749 * files; <code>false</code> otherwise
751 public boolean canWrite()
756 * Sets the ACL permission to accomodate <code>write</code> access for files.
759 * @param flag boolean flag that denotes the permission bit for <code>write</code> access.
761 public void setWrite(boolean flag
)
766 * <IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits the <code>lock</code> authority.
768 * <p> This permission enables the user to run programs that issue system calls to
769 * lock files in the directory.
771 * <p><FONT COLOR="666699"><IMG SRC="file.gif" ALT="File Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>File Permission</B></U></FONT><BR>
772 * This permission is meaningful with respect to files in
773 * a directory, rather than the directory itself or its subdirectories.
775 * <p> Documentation reference:
776 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
778 * @return <code>true</code> if and only if the ACL permits <code>lock</code> authority for
779 * files; <code>false</code> otherwise
781 public boolean canLock()
786 * Sets the ACL permission to accomodate <code>lock</code> access for files.
789 * @param flag boolean flag that denotes the permission bit for <code>lock</code> rights.
791 public void setLock(boolean flag
)
796 * <IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> Tests whether the ACL permits <code>administer</code> access.
798 * <p> This permission enables a user to change the directory's ACL. Members of the
799 * <code>system:administrators</code> group implicitly have this permission on every
800 * directory (that is, even if that group does not appear on the ACL). Similarly, the
801 * owner of a directory implicitly has this permission on its ACL and those of all
802 * directories below it that he or she owns.
804 * <p><FONT COLOR="666699"><IMG SRC="folder.gif" ALT="Directory Permission" WIDTH="15" HEIGHT="15" BORDER="0"> <U><B>Directory Permission</B></U></FONT><BR>
805 * This permission is meaningful with respect to the
806 * directory itself. For example, the <code>insert</code> permission (see: {@link #canInsert})
807 * does not control addition of data to a file, but rather creation of a new file or
810 * <p> Documentation reference:
811 * <A HREF="http://www.transarc.com/Library/documentation/afs/3.6/unix/en_US/HTML/AdminGd/auagd020.htm#HDRWQ782">The AFS ACL Permissions</A>
813 * @return <code>true</code> if and only if the ACL permits <code>administer</code> access for
814 * directories; <code>false</code> otherwise
816 public boolean canAdmin()
821 * Sets the ACL permission to accomodate <code>administer</code> rights for directories.
824 * @param flag boolean flag that denotes the permission bit for <code>administer</code> rights.
826 public void setAdmin(boolean flag
)
831 /////////////// custom override methods ////////////////////
834 * Tests whether two <code>ACL.Entry</code> objects are equal, based on associated
835 * username and permission bits.
837 * @param entry the ACL.Entry to test
838 * @return whether the specifed ACL.Entry is the same as this ACL.Entry
840 public boolean equals( ACL
.Entry entry
)
842 return ( (this.getUser().equals( entry
.getUser() )) &&
843 (this.getPermissionsMask() == entry
.getPermissionsMask()) );
847 * Returns a String representation of this <CODE>ACL.Entry</CODE>
849 * @return a String representation of this <CODE>ACL.Entry</CODE>
851 public String
toString()
853 StringBuffer out
= new StringBuffer(username
);
855 if (r
) out
.append("r");
856 if (l
) out
.append("l");
857 if (i
) out
.append("i");
858 if (d
) out
.append("d");
859 if (w
) out
.append("w");
860 if (k
) out
.append("k");
861 if (a
) out
.append("a");
863 return out
.toString();