Skip to content

Most visited

Recently visited

navigation
Added in API level 1

Acl

public interface Acl
implements Owner

java.security.acl.Acl


The Access Control List (ACL) interface definition.

An ACL is a set of AclEntry objects.

An AclEntry is a list of Permissions that are granted (positive) or denied (negative) to a Principal.

An Acl has a list of owners (Owner) which are principals as well Principal. Only those principals which are the Acl's owners are allowed to modify the Acl.

The ACL has to conform to the following rules:

Summary

Public methods

abstract boolean addEntry(Principal caller, AclEntry entry)

Adds an AclEntry to this ACL instance.

abstract boolean checkPermission(Principal principal, Permission permission)

Checks whether the specified principal is granted the specified permission.

abstract Enumeration<AclEntry> entries()

Returns an Enumeration of the AclEntry of this ACL.

abstract String getName()

Returns the name of this ACL instance.

abstract Enumeration<Permission> getPermissions(Principal user)

Returns the set of allowed permissions for the specified Principal.

abstract boolean removeEntry(Principal caller, AclEntry entry)

Removes an AclEntry from this ACL instance.

abstract void setName(Principal caller, String name)

Sets the name of this ACL instance.

abstract String toString()

Returns the string representation of this ACL.

Inherited methods

From interface java.security.acl.Owner

Public methods

addEntry

Added in API level 1
boolean addEntry (Principal caller, 
                AclEntry entry)

Adds an AclEntry to this ACL instance.

If the ACL already has an AclEntry of the same type ( positive or negative) and principal, then the new entry is not added.

Parameters
caller Principal: the invoking Principal.
entry AclEntry: the ACL entry to add.
Returns
boolean true if the entry is added, false if there is already an entry of the same type for the same principal
Throws
NotOwnerException if the invoking Principal is not an owner of this ACL.

checkPermission

Added in API level 1
boolean checkPermission (Principal principal, 
                Permission permission)

Checks whether the specified principal is granted the specified permission.

The list of granted permissions is determined according to the rules specified by getPermissions.

Parameters
principal Principal: the principal the check the permissions for.
permission Permission: the permission to check for the principal.
Returns
boolean true if the principal is granted the permission, otherwise false.

See also:

entries

Added in API level 1
Enumeration<AclEntry> entries ()

Returns an Enumeration of the AclEntry of this ACL.

Returns
Enumeration<AclEntry> an Enumeration of the AclEntry of this ACL.

getName

Added in API level 1
String getName ()

Returns the name of this ACL instance.

Returns
String the name of this ACL instance.

getPermissions

Added in API level 1
Enumeration<Permission> getPermissions (Principal user)

Returns the set of allowed permissions for the specified Principal.

If the specified principal has no entry in this ACL, an empty set is returned.

The allowed permissions are collected according to the following rules:

  • The two permission lists (positive and negative) of the principal's groups (Group) are collected. The positive (granted) permissions are the union of all group's positive permissions that the principal belongs to, the negative (denied) permissions are the union of all group's negative permissions that the principal belongs to. If a specific permission is in both the positive and the negative list, it is removed from both lists.
  • The individual permissions (positive and negative) of the principal override the group permissions. The positive individual permissions override the group's negative permissions and the negative individual permissions override the grpup's positive permissions.

Parameters
user Principal: the principal to get the allowed permissions for.
Returns
Enumeration<Permission> the set of allowed permissions for the specified principal.

removeEntry

Added in API level 1
boolean removeEntry (Principal caller, 
                AclEntry entry)

Removes an AclEntry from this ACL instance.

Parameters
caller Principal: the invoking Principal.
entry AclEntry: the ACL entry to remove.
Returns
boolean true if the entry is removed, false if the entry is not in this ACL.
Throws
NotOwnerException if the invoking Principal is not an owner of this ACL.

setName

Added in API level 1
void setName (Principal caller, 
                String name)

Sets the name of this ACL instance.

Parameters
caller Principal: the invoking Principal.
name String: the name to be set.
Throws
NotOwnerException if the invoking Principal is not an owner of this ACL.

toString

Added in API level 1
String toString ()

Returns the string representation of this ACL.

Returns
String the string representation of this ACL.
This site uses cookies to store your preferences for site-specific language and display options.

Hooray!

This class requires API level or higher

This doc is hidden because your selected API level for the documentation is . You can change the documentation API level with the selector above the left navigation.

For more information about specifying the API level your app requires, read Supporting Different Platform Versions.