java.security.acl

Interface Acl

public interface Acl extends Owner

A Java access control list (ACL) is a group of individual ACL entries. These entries consist of a Principal and a list of permissions this Principal is either granted or denied. A given Principal can have at most one positive ACL entry (i.e., one that grants permissions) and one negative ACL entry (i.e., one that denies permissions). If a given permission is both granted and denied, the ACL treats it as if it were never granted or denied. If both a Principal and a Group to which the Principal belongs have an ACL entry, the permissions for the individual Principal take precedence over the permissions of the Group if there is a conflict.

Additionally, the ACL interface extends the Owner interface and so an ACL has owners. Actions which modify the ACL are restricted to owners.

Method Summary
boolean	addEntry(Principal caller, AclEntry entry) This method adds the specified entry to the ACL
boolean	checkPermission(Principal user, Permission perm) This method tests whether or not the specified `Principal` has the specified `Permission`
Enumeration<AclEntry>	entries() This method returns a list of all the entries in the ACL as an `Enumeration`.
String	getName() This method returns the name of this ACL.
Enumeration<Permission>	getPermissions(Principal user) This method returns a list of `Permission`'s that are granted to a particular `Principal`.
boolean	removeEntry(Principal caller, AclEntry entry) This method delets the specified entry from the ACL
void	setName(Principal caller, String name) This method sets the name of the ACL
String	toString() This method returns the ACL as a `String`

Method Detail

addEntry

public boolean addEntry(Principal caller, AclEntry entry)

This method adds the specified entry to the ACL

Parameters: caller The Principal requesting the addition entry The ACL entry to add

Returns: true if the entry was added, false if there is already an entry of the same type for the Principal.

Throws: NotOwnerException If the caller is not an owner of this ACL.

checkPermission

public boolean checkPermission(Principal user, Permission perm)

This method tests whether or not the specified Principal has the specified Permission

Parameters: user The Principal to test perm The Permission to test for

Returns: true if the user has been granted the permission, false otherwise

entries

public Enumeration<AclEntry> entries()

This method returns a list of all the entries in the ACL as an Enumeration.

Returns: An enumeration of the ACL entries

getName

public String getName()

This method returns the name of this ACL.

Returns: The name of this ACL

getPermissions

public Enumeration<Permission> getPermissions(Principal user)

This method returns a list of Permission's that are granted to a particular Principal. This includes any permissions that are granted to Group's to which the Principal belongs unless they are overridden by a negative ACL. This permission list is returned as an Enumeration.

Parameters: user The Principal to retrieve permissions for.

Returns: A list of permissions for the Principal.

removeEntry

public boolean removeEntry(Principal caller, AclEntry entry)

This method delets the specified entry from the ACL

Parameters: caller The Principal requesting the deletion. entry The ACL entry to delete

Returns: true if the entry was deleted, or false if this entry was not part of the ACL to begin with

Throws: NotOwnerException If the caller is not an owner of this ACL.

setName

public void setName(Principal caller, String name)

This method sets the name of the ACL

Parameters: caller The Principal requesting the action. name The new name for this ACL.

Throws: NotOwnerException If the caller is not an owner of this ACL.

toString

public String toString()

This method returns the ACL as a String

Returns: A String representation of this ACL