/** * @return the representation of the permitted actions in the format of {@link Mode.Bits} */ public Mode.Bits toModeBits() { Mode.Bits bits = Mode.Bits.NONE; if (contains(AclAction.READ)) { bits = bits.or(Mode.Bits.READ); } if (contains(AclAction.WRITE)) { bits = bits.or(Mode.Bits.WRITE); } if (contains(AclAction.EXECUTE)) { bits = bits.or(Mode.Bits.EXECUTE); } return bits; } }
/** * Checks whether the user has the permission to perform the action. * * 1. If the user is the owner, then the owner entry determines the permission; * 2. Else if the user matches the name of one of the named user entries, this entry determines * the permission; * 3. Else if one of the groups is the owning group and the owning group entry contains the * requested permission, the permission is granted; * 4. Else if one of the groups matches the name of one of the named group entries and this entry * contains the requested permission, the permission is granted; * 5. Else if one of the groups is the owning group or matches the name of one of the named group * entries, but neither the owning group entry nor any of the matching named group entries * contains the requested permission, the permission is denied; * 6. Otherwise, the other entry determines the permission. * * @param user the user * @param groups the groups the user belongs to * @param action the action * @return whether user has the permission to perform the action */ public boolean checkPermission(String user, List<String> groups, AclAction action) { return getPermission(user, groups).contains(action); }
/** * Update the mask to be the union of owning group entry, named user entry and named group entry. * @param groupActions the group entry to be integrated into the mask */ public void updateMask(AclActions groupActions) { AclActions result = new AclActions(groupActions); for (Map.Entry<String, AclActions> kv : mNamedUserActions.entrySet()) { AclActions userAction = kv.getValue(); result.merge(userAction); for (AclAction action : AclAction.values()) { if (result.contains(action) || userAction.contains(action)) { result.add(action); } } } for (Map.Entry<String, AclActions> kv : mNamedGroupActions.entrySet()) { AclActions userAction = kv.getValue(); result.merge(userAction); for (AclAction action : AclAction.values()) { if (result.contains(action) || userAction.contains(action)) { result.add(action); } } } mMaskActions = result; }
/** * Tests {@link AclActions#contains(AclAction)}. */ @Test public void contains() { AclActions actions = new AclActions(); Assert.assertFalse(actions.contains(AclAction.READ)); Assert.assertFalse(actions.contains(AclAction.WRITE)); Assert.assertFalse(actions.contains(AclAction.EXECUTE)); actions.add(AclAction.READ); Assert.assertTrue(actions.contains(AclAction.READ)); actions.add(AclAction.WRITE); Assert.assertTrue(actions.contains(AclAction.WRITE)); actions.add(AclAction.EXECUTE); Assert.assertTrue(actions.contains(AclAction.EXECUTE)); }