All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class jnfs.security.UnixStylePermissionGranter

java.lang.Object
   |
   +----jnfs.security.UnixStylePermissionGranter

public abstract class UnixStylePermissionGranter

extends Object

implements PermissionGranter

Version:

$Id: UnixStylePermissionGranter.java,v 1.38 1997/05/20 19:16:20 mjr Exp $

Author:

Michael John Radwin

groupPrefix

The prefix prepended to all groupnames before they are used to instantiate a GroupImpl.

S_IRGRP

Read by group.

S_IROTH

Read by others.

S_IRUSR

Read by owner.

S_IRWXG

Read, write, execute by group.

S_IRWXO

Read, write, execute (search) by others.

S_IRWXU

Read, write, execute by owner.

S_ISGID

Set group id on execution.

S_ISUID

Set user id on execution.

S_ISVTX

Save text image after execution.

S_IWGRP

Write by group.

S_IWOTH

Write by others.

S_IWUSR

Write by owner.

S_IXGRP

Execute by group.

S_IXOTH

Execute by others.

S_IXUSR

Execute (search if directory) by owner.

users

Used to obtain references to FileSystemUsers.

UnixStylePermissionGranter(UserTable)

Constructs a permission granter with the specified user table.

checkPermission(Principal, Permission, File)

Determines if user has permission for file.

chmod(String, int)

Changes the mode of pathname to mode.

chown(String, String, String)

Changes the ownership of pathname to owner and group membership to group.

createAcl(String, int, Principal, Group)

Creates an ACL for pathname for the given owner and group according to mode.

getAccessControl(File)

Gets existring permissions on file.

getAcl(String)

Gets the ACL for pathname based on information provided by the underlying unix file system.

getAttributesPermission()

Returns the global permission represening "attributes" access

getDeletePermission()

Returns the global permission represening "delete" access

getExecutePermission()

Returns the global permission represening "execute" access

getGroup(String)

Gets the principal named name

getListPermission()

Returns the global permission represening "list" access

getPrincipal(String)

Gets the principal named name

getReadPermission()

Returns the global permission represening "read" access

getRenamePermission()

Returns the global permission represening "rename" access

getStickyPermission()

Returns the global permission represening "sticky" access

getWritePermission()

Returns the global permission represening "write" access

group(String)

Returns the name of the group associated with pathname.

invalidateCache(File)

If ACL information for file is cached, invalidates it.

members(String)

Returns the group members of group groupname.

mode(String)

Returns the Unix mode bits associated with pathname.

owner(String)

Returns the name of the owner of pathname.

setAccessControl(Principal, File, Acl)

Replaces any existing permissions on file with the new permissions in acl.

setDefaultAccessControl(Principal, File)

Replaces any existing permissions on file with the default permissions for newOwner.

worldGroup()

Returns the group containing all FileSystemUsers.

 public static final int S_IRWXU

Read, write, execute by owner.

 public static final int S_IRUSR

Read by owner.

 public static final int S_IWUSR

Write by owner.

 public static final int S_IXUSR

Execute (search if directory) by owner.

 public static final int S_IRWXG

Read, write, execute by group.

 public static final int S_IRGRP

Read by group.

 public static final int S_IWGRP

Write by group.

 public static final int S_IXGRP

Execute by group.

 public static final int S_IRWXO

Read, write, execute (search) by others.

 public static final int S_IROTH

Read by others.

 public static final int S_IWOTH

Write by others.

 public static final int S_IXOTH

Execute by others.

 public static final int S_ISVTX

Save text image after execution.

If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2)):

• the user owns the file
• the user owns the directory
• the file is writable by the user
• the user is a privileged user

 public static final int S_ISUID

Set user id on execution.

 public static final int S_ISGID

Set group id on execution.

 protected UserTable users

Used to obtain references to FileSystemUsers.

 protected final String groupPrefix

The prefix prepended to all groupnames before they are used to instantiate a GroupImpl. Group names do not use the prefix when inserted into the group cache.

 public UnixStylePermissionGranter(UserTable users)

Constructs a permission granter with the specified user table.

 protected abstract int mode(String pathname) throws IOException

Returns the Unix mode bits associated with pathname.

Throws: IOException

if an I/O error occurs.

Throws: FileNotFoundException

if pathname does not exist.

 protected abstract String owner(String pathname) throws IOException

Returns the name of the owner of pathname.

Throws: IOException

if an I/O error occurs.

Throws: FileNotFoundException

if pathname does not exist.

 protected abstract String group(String pathname) throws IOException

Returns the name of the group associated with pathname.

Throws: IOException

if an I/O error occurs.

Throws: FileNotFoundException

if pathname does not exist.

 protected abstract String[] members(String groupname) throws IOException

Returns the group members of group groupname.

Throws: IOException

if the group does not exist.

 protected abstract void chmod(String pathname,
                               int mode) throws IOException

Changes the mode of pathname to mode.

Throws: IOException

if an I/O error occurs.

Throws: FileNotFoundException

if pathname does not exist.

 protected abstract void chown(String pathname,
                               String owner,
                               String group) throws IOException

Changes the ownership of pathname to owner and group membership to group. If either owner or group are null, that permission is not changed. If both are null, nothing happens.

Throws: IOException

if an I/O error occurs.

Throws: FileNotFoundException

if pathname does not exist.

 public Group worldGroup()

Returns the group containing all FileSystemUsers.

 public Acl getAccessControl(File file) throws IOException

Gets existring permissions on file. Permissions on a particular file don't necessarily map 1-to-1 to who can access the file or not because there may be security restrictions on the parent directories of the file that override this file's settings.

Returns:

the ACL for this file if the user can see it; null otherwise.

Throws: IOException

if an I/O error occurs.

 public boolean setAccessControl(Principal user,
                                 File file,
                                 Acl acl) throws IOException, NotOwnerException

Replaces any existing permissions on file with the new permissions in acl.

Returns:

true if the permissions were set; false otherwise.

Throws: IOException

if an I/O error occurs.

Throws: NotOwnerException

if user is not an owner of file.

 public boolean setDefaultAccessControl(Principal newOwner,
                                        File file) throws IOException

Replaces any existing permissions on file with the default permissions for newOwner. Changes the ownership to the new owner.

Returns:

true if the permissions were set; false otherwise.

Throws: IOException

if an I/O error occurs.

 public boolean invalidateCache(File file)

If ACL information for file is cached, invalidates it.

Returns:

true if the ACL information was in the cache; false otherwise.

 public boolean checkPermission(Principal user,
                                Permission permission,
                                File file) throws IOException

Determines if user has permission for file.

Returns:

true if user has the specified permission; false otherwise.

Throws: IOException

if an I/O error occurs.

 protected Principal getPrincipal(String name)

Gets the principal named name

 protected Group getGroup(String name) throws IOException

Gets the principal named name

Throws: IOException

if an I/O error occurs.

 protected Acl getAcl(String pathname) throws IOException

Gets the ACL for pathname based on information provided by the underlying unix file system. Caches whatever return value it provides.

Throws: IOException

if an I/O error occurs.

See Also:

createAcl

 protected Acl createAcl(String pathname,
                         int mode,
                         Principal owner,
                         Group grp)

Creates an ACL for pathname for the given owner and group according to mode. Does not cache return value or use underlying filesytem for any info.

 public Permission getReadPermission()

Returns the global permission represening "read" access

 public Permission getWritePermission()

Returns the global permission represening "write" access

 public Permission getExecutePermission()

Returns the global permission represening "execute" access

 public Permission getDeletePermission()

Returns the global permission represening "delete" access

 public Permission getAttributesPermission()

Returns the global permission represening "attributes" access

 public Permission getListPermission()

Returns the global permission represening "list" access

 public Permission getRenamePermission()

Returns the global permission represening "rename" access

 public Permission getStickyPermission()

Returns the global permission represening "sticky" access

All Packages  Class Hierarchy  This Package  Previous  Next  Index