001/* Acl.java -- An access control list 002 Copyright (C) 1998 Free Software Foundation, Inc. 003 004This file is part of GNU Classpath. 005 006GNU Classpath is free software; you can redistribute it and/or modify 007it under the terms of the GNU General Public License as published by 008the Free Software Foundation; either version 2, or (at your option) 009any later version. 010 011GNU Classpath is distributed in the hope that it will be useful, but 012WITHOUT ANY WARRANTY; without even the implied warranty of 013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 014General Public License for more details. 015 016You should have received a copy of the GNU General Public License 017along with GNU Classpath; see the file COPYING. If not, write to the 018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 01902110-1301 USA. 020 021Linking this library statically or dynamically with other modules is 022making a combined work based on this library. Thus, the terms and 023conditions of the GNU General Public License cover the whole 024combination. 025 026As a special exception, the copyright holders of this library give you 027permission to link this library with independent modules to produce an 028executable, regardless of the license terms of these independent 029modules, and to copy and distribute the resulting executable under 030terms of your choice, provided that you also meet, for each linked 031independent module, the terms and conditions of the license of that 032module. An independent module is a module which is not derived from 033or based on this library. If you modify this library, you may extend 034this exception to your version of the library, but you are not 035obligated to do so. If you do not wish to do so, delete this 036exception statement from your version. */ 037 038package java.security.acl; 039 040import java.security.Principal; 041import java.util.Enumeration; 042 043/** 044 * A Java access control list (ACL) is a group of individual ACL entries. 045 * These entries consist of a <code>Principal</code> and a list of 046 * permissions this <code>Principal</code> is either granted or denied. 047 * A given <code>Principal</code> can have at most one positive ACL entry 048 * (i.e., one that grants permissions) and one negative ACL entry (i.e., one 049 * that denies permissions). If a given permission is both granted and 050 * denied, the ACL treats it as if it were never granted or denied. If 051 * both a <code>Principal</code> and a <code>Group</code> to which the 052 * <code>Principal</code> belongs have an ACL entry, the permissions for 053 * the individual <code>Principal</code> take precedence over the 054 * permissions of the <code>Group</code> if there is a conflict. 055 * <p> 056 * Additionally, the ACL interface extends the <code>Owner</code> interface 057 * and so an ACL has owners. Actions which modify the ACL are restricted 058 * to owners. 059 * 060 * @version 0.0 061 * 062 * @author Aaron M. Renn (arenn@urbanophile.com) 063 */ 064public interface Acl extends Owner 065{ 066 067 /** 068 * This method returns the name of this ACL. 069 * 070 * @return The name of this ACL 071 */ 072 String getName(); 073 074 /** 075 * This method sets the name of the ACL 076 * 077 * @param caller The <code>Principal</code> requesting the action. 078 * @param name The new name for this ACL. 079 * 080 * @exception NotOwnerException If the caller is not an owner of this ACL. 081 */ 082 void setName(Principal caller, String name) 083 throws NotOwnerException; 084 085 /** 086 * This method adds the specified entry to the ACL 087 * 088 * @param caller The <code>Principal</code> requesting the addition 089 * @param entry The ACL entry to add 090 * 091 * @return <code>true</code> if the entry was added, <code>false</code> 092 * if there is already an entry of the same type for the 093 * <code>Principal</code>. 094 * 095 * @exception NotOwnerException If the caller is not an owner of this ACL. 096 */ 097 boolean addEntry(Principal caller, AclEntry entry) 098 throws NotOwnerException; 099 100 /** 101 * This method delets the specified entry from the ACL 102 * 103 * @param caller The <code>Principal</code> requesting the deletion. 104 * @param entry The ACL entry to delete 105 * 106 * @return <code>true</code> if the entry was deleted, or <code>false</code> 107 * if this entry was not part of the ACL to begin with 108 * 109 * @exception NotOwnerException If the caller is not an owner of this ACL. 110 */ 111 boolean removeEntry(Principal caller, AclEntry entry) 112 throws NotOwnerException; 113 114 /** 115 * This method returns a list of all the entries in the ACL as an 116 * <code>Enumeration</code>. 117 * 118 * @return An enumeration of the ACL entries 119 */ 120 Enumeration<AclEntry> entries(); 121 122 /** 123 * This method tests whether or not the specified <code>Principal</code> 124 * has the specified <code>Permission</code> 125 * 126 * @param user The <code>Principal</code> to test 127 * @param perm The <code>Permission</code> to test for 128 * 129 * @return <code>true</code> if the user has been granted the permission, 130 * <code>false</code> otherwise 131 */ 132 boolean checkPermission(Principal user, Permission perm); 133 134 /** 135 * This method returns a list of <code>Permission</code>'s that are granted 136 * to a particular <code>Principal</code>. This includes any permissions 137 * that are granted to <code>Group</code>'s to which the <code>Principal</code> 138 * belongs unless they are overridden by a negative ACL. This permission 139 * list is returned as an <code>Enumeration</code>. 140 * 141 * @param user The <code>Principal</code> to retrieve permissions for. 142 * 143 * @return A list of permissions for the <code>Principal</code>. 144 */ 145 Enumeration<Permission> getPermissions(Principal user); 146 147 /** 148 * This method returns the ACL as a <code>String</code> 149 * 150 * @return A <code>String</code> representation of this ACL 151 */ 152 String toString(); 153}