Class PathAccessControlEntry
- java.lang.Object
-
- com.azure.storage.file.datalake.models.PathAccessControlEntry
-
public class PathAccessControlEntry extends Object
POSIX access control rights on files and directories.The value is a comma-separated list of access control entries, each access control entry (ACE) consists of four elements in the format "[scope:][type]:[id]:[permissions]":
- Scope
- Type
- User or Group Identifier (AAD ObjectId)
- Permissions
The scope must be "default" to indicate the ACE belongs to the default Access Control List (ACL) for a directory; otherwise scope is implicit and the ACE belongs to the access ACL.
There are four ACE types:
- "user": grants rights to the owner or a named user
- "group" grants rights to the owning group or a named group
- "mask" restricts rights granted to named users and the members of groups
- "other" grants rights to all users not found in any of the other entries
The user or group identifier is omitted for entries of type "mask" and "other". The user or group identifier is also omitted for the owner and owning group.
The permission field is a 3-character sequence where the first character is 'r' to grant read access, the second character is 'w' to grant write access, and the third character is 'x' to grant execute permission. If access is not granted, the '-' character is used to denote that the permission is denied.
For example, the following ACL grants read, write, and execute rights to the file owner and john.doe@contoso, the read right to the owning group, and nothing to everyone else: "user::rwx,user:john.doe@contoso:rwx,group::r--,other::---,mask::rwx".
-
-
Constructor Summary
Constructors Constructor Description PathAccessControlEntry()
Initializes an empty instance ofPathAccessControlEntry
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(Object o)
AccessControlType
getAccessControlType()
Returns theAccessControlType
for this entry.String
getEntityId()
The Azure AAD Object ID or User Principal Name that is associated with this entry.RolePermissions
getPermissions()
Returns the symbolic form of the permissions for this entry.int
hashCode()
boolean
isInDefaultScope()
Returns whether this ACE is in the default scope.static PathAccessControlEntry
parse(String str)
Parses the provided string into aList<{@link PathAccessControlEntry}>
.static List<PathAccessControlEntry>
parseList(String str)
Deserializes an ACL to the format "user::rwx,user:john.doe@contoso:rwx,group::r--,other::---,mask=rwx"static String
serializeList(List<PathAccessControlEntry> acl)
Converts the Access Control List to aString
.PathAccessControlEntry
setAccessControlType(AccessControlType accessControlType)
Sets theAccessControlType
for this entry.PathAccessControlEntry
setDefaultScope(boolean defaultScope)
Sets whether or not this entry is the default for a directory.PathAccessControlEntry
setEntityId(String entityId)
Sets the entity ID to which this entry will apply.PathAccessControlEntry
setPermissions(RolePermissions permissions)
Sets the permissions for this entry.String
toString()
-
-
-
Constructor Detail
-
PathAccessControlEntry
public PathAccessControlEntry()
Initializes an empty instance ofPathAccessControlEntry
. Constructs an empty instance ofRolePermissions
for the permissions field.
-
-
Method Detail
-
parse
public static PathAccessControlEntry parse(String str)
Parses the provided string into aList<{@link PathAccessControlEntry}>
. Must be of the format "[scope:][type]:[id]:[permissions]".- Parameters:
str
- The string representation of the ACL.- Returns:
- The deserialized list.
- Throws:
IllegalArgumentException
- if the String provided does not match the format.
-
serializeList
public static String serializeList(List<PathAccessControlEntry> acl)
Converts the Access Control List to aString
. The format is specified in the description of this type.- Parameters:
acl
- The Access Control List to serialize.- Returns:
- A
String
representing the serialized Access Control List
-
parseList
public static List<PathAccessControlEntry> parseList(String str)
Deserializes an ACL to the format "user::rwx,user:john.doe@contoso:rwx,group::r--,other::---,mask=rwx"- Parameters:
str
- TheString
representation of the ACL.- Returns:
- The ACL deserialized into a
java.util.List
-
isInDefaultScope
public boolean isInDefaultScope()
Returns whether this ACE is in the default scope.- Returns:
true
if in the default scope andfalse
otherwise.
-
getAccessControlType
public AccessControlType getAccessControlType()
Returns theAccessControlType
for this entry.- Returns:
- The
AccessControlType
for this entry.
-
getEntityId
public String getEntityId()
The Azure AAD Object ID or User Principal Name that is associated with this entry.- Returns:
- The entity for which this entry applies.
-
getPermissions
public RolePermissions getPermissions()
Returns the symbolic form of the permissions for this entry.- Returns:
- The
RolePermissions
for this entry.
-
setDefaultScope
public PathAccessControlEntry setDefaultScope(boolean defaultScope)
Sets whether or not this entry is the default for a directory.- Parameters:
defaultScope
-true
to set as the default scope andfalse
otherwise.- Returns:
- The updated PathAccessControlEntry object.
-
setAccessControlType
public PathAccessControlEntry setAccessControlType(AccessControlType accessControlType)
Sets theAccessControlType
for this entry.- Parameters:
accessControlType
- TheAccessControlType
for this entry.- Returns:
- The updated PathAccessControlEntry object.
-
setEntityId
public PathAccessControlEntry setEntityId(String entityId)
Sets the entity ID to which this entry will apply. Must be null if the type isAccessControlType.MASK
orAccessControlType.OTHER
or if the user is the owner or the group is the owning group. Must be a valid Azure AAD Object ID or User Principal Name.- Parameters:
entityId
- The entity to which this entry will apply.- Returns:
- The updated PathAccessControlEntry object.
-
setPermissions
public PathAccessControlEntry setPermissions(RolePermissions permissions)
Sets the permissions for this entry.- Parameters:
permissions
-RolePermissions
to set for this entry.- Returns:
- The updated PathAccessControlEntry object.
-
-