ajanta.security.fileacl
Class FileSystemAcl
java.lang.Object
|
+--ajanta.security.fileacl.FileAcl
|
+--ajanta.security.fileacl.FileSystemAcl
- public class FileSystemAcl
- extends FileAcl
This Access Control list is used by the ajanta FileSystem
The rules for granting or denying access are as follows:
1. If an access control list (ACL) is associated with the file exists,
then this system checks if this list contains an entry giving permission
to the agent's owner for the requested operation. If so, the operation is allowed.
2. If there is no access control list (ACL) associated with a file/directory,
then the system looks for the ACL of its parent directory. This rule is applied recursively,
until a directory with an ACL or the root directory is reached.
If no ACL is associated with the root directory, access is denied.
3. If a directory is reached with an ACL associated,
this ACL is searched for the access rights given to the agent's
owner. Each entry also contains an ``inheritance" right, which means that
the rights given to a principal for this directory are also
applicable to the files and directories contained within it if
no ACL is associated with them.
Method Summary |
boolean |
checkPermission(ajanta.naming.URN userURN,
ajanta.naming.URN file,
java.lang.String perm)
Check permission for a user |
protected void |
createAclEntry(java.lang.String line)
Create ACL entries : read for "r","write" for "w" and inherit for "i" |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
FileSystemAcl
public FileSystemAcl(java.lang.String root)
createAclEntry
protected void createAclEntry(java.lang.String line)
- Description copied from class:
FileAcl
- Create ACL entries : read for "r","write" for "w" and inherit for "i"
- Overrides:
createAclEntry
in class FileAcl
checkPermission
public boolean checkPermission(ajanta.naming.URN userURN,
ajanta.naming.URN file,
java.lang.String perm)
- Description copied from class:
FileAcl
- Check permission for a user
- Overrides:
checkPermission
in class FileAcl
- Parameters:
userURN
- urn of the user