Entry of access control list (ACL). More...

#include <base/security/AccessControlEntry.h>

Inherits Object.

Classes
struct	Permissions

Public Types
enum	ExplicitPermission { EXECUTE = 1, READ_DATA = EXECUTE << 1, READ_ATTRIBUTES = READ_DATA << 1, READ_EXTENDED_ATTRIBUTES = READ_ATTRIBUTES << 1, READ_PERMISSIONS = READ_EXTENDED_ATTRIBUTES << 1, WRITE_DATA = READ_PERMISSIONS << 1, ADD_CONTENT = WRITE_DATA << 1, CHANGE_ATTRIBUTES = ADD_CONTENT << 1, CHANGE_EXTENDED_ATTRIBUTES = CHANGE_ATTRIBUTES << 1, CHANGE_PERMISSIONS = CHANGE_EXTENDED_ATTRIBUTES << 1, CHANGE_OWNER = CHANGE_PERMISSIONS << 1, REMOVE = CHANGE_OWNER << 1, REMOVE_COMPONENT = REMOVE << 1, SYNCHRONIZE = REMOVE_COMPONENT << 1, APPEND_DATA = ADD_CONTENT, TRAVERSE_FOLDER = EXECUTE, LIST_FOLDER = READ_DATA, ADD_FILE = WRITE_DATA, CREATE_FOLDERS = APPEND_DATA }

enum	CompositePermission { NO = 0, READ = READ_DATA\|READ_ATTRIBUTES\|READ_EXTENDED_ATTRIBUTES\|READ_PERMISSIONS, WRITE = WRITE_DATA\|APPEND_DATA\|CHANGE_ATTRIBUTES\|CHANGE_EXTENDED_ATTRIBUTES\|CHANGE_PERMISSIONS\|CHANGE_OWNER\|REMOVE\|REMOVE_COMPONENT, READ_AND_EXECUTE = READ\|EXECUTE, LIST_AND_TRAVERSE = READ_AND_EXECUTE, MODIFY = READ_DATA\|READ_ATTRIBUTES\|READ_EXTENDED_ATTRIBUTES\|READ_PERMISSIONS\|WRITE_DATA\|APPEND_DATA\|CHANGE_ATTRIBUTES\|CHANGE_EXTENDED_ATTRIBUTES\|REMOVE\|EXECUTE, FULL = READ\|WRITE\|EXECUTE }

typedef uint32	AccessMask

Public Member Functions
	AccessControlEntry () noexcept

	AccessControlEntry (const Trustee &trustee) noexcept

	AccessControlEntry (const Trustee &trustee, AccessMask allowed) noexcept

	AccessControlEntry (const Trustee &trustee, const Permissions &permissions) noexcept

	AccessControlEntry (const AccessControlEntry &copy) noexcept

AccessControlEntry &	operator= (const AccessControlEntry &assign) noexcept

const Permissions &	getPermissions () const noexcept

void	replace (const Permissions &permissions) noexcept

void	filter (AccessMask permissions) noexcept

void	grant (AccessMask allowed) noexcept

void	revoke (AccessMask denied) noexcept

void	combine (const Permissions &permissions) noexcept

const Trustee &	getTrustee () const noexcept

Static Public Member Functions
static String	maskToString (AccessMask mask)

Detailed Description

Entry of access control list (ACL).

An entry within an Access Control List (ACL) describing the access rights for a single trustee.

See also: AccessControlList

Version: 1.0

Member Typedef Documentation

◆ AccessMask

typedef uint32 AccessControlEntry::AccessMask

The access mask.

Member Enumeration Documentation

◆ CompositePermission

enum AccessControlEntry::CompositePermission

Composite permissions.

Enumerator
NO	Trustee does not have any access.
READ	Permission to read object.
WRITE	Permission to change object.
READ_AND_EXECUTE	Permission to read and execute object.
LIST_AND_TRAVERSE	Permission to list and traverse a folder.
MODIFY	Permission to modify object.
FULL	Trustee has full access.

◆ ExplicitPermission

enum AccessControlEntry::ExplicitPermission

The fundamental permissions.

Enumerator
EXECUTE	Execute permission.
READ_DATA	Read content permission.
READ_ATTRIBUTES	Read basic attributes permission.
READ_EXTENDED_ATTRIBUTES	Read extended attributes permission.
READ_PERMISSIONS	Permissions to read permissions.
WRITE_DATA	Permission to change content of object.
ADD_CONTENT	Permission to add content to object.
CHANGE_ATTRIBUTES	Permissions to change basic attributes.
CHANGE_EXTENDED_ATTRIBUTES	Permission to change extended attributes.
CHANGE_PERMISSIONS	Permission to change permissions of object.
CHANGE_OWNER	Permission to change the owner of an object.
REMOVE	Permission to remove the object.
REMOVE_COMPONENT	Permission to remove subcomponents.
SYNCHRONIZE	Synchronization permission.
APPEND_DATA	Permission to append data to file.
TRAVERSE_FOLDER	Permission to traverse folder.
LIST_FOLDER	Permission to read content of folder.
ADD_FILE	Permission to add file in folder.
CREATE_FOLDERS	Permission to add subfolder.

Constructor & Destructor Documentation

◆ AccessControlEntry() [1/5]

AccessControlEntry::AccessControlEntry ( )

noexcept

Initializes ACE as EVERYONE with all permissions denied.

◆ AccessControlEntry() [2/5]

AccessControlEntry::AccessControlEntry ( const Trustee & trustee )

noexcept

Initializes ACE with specified trustee and no allowed access (and no denied access).

◆ AccessControlEntry() [3/5]

AccessControlEntry::AccessControlEntry	(	const Trustee &	trustee,
		AccessMask	allowed
	)

noexcept

Initializes access control entry (ACE) with the specified allowed (and no denied) permissions.

Parameters

trustee	The trustee.
allowed	The allowed permissions (e.g. READ, WRITE, ...).

◆ AccessControlEntry() [4/5]

AccessControlEntry::AccessControlEntry	(	const Trustee &	trustee,
		const Permissions &	permissions
	)

noexcept

Initializes access control entry (ACE) with the specified allowed and denied permissions.

Parameters

trustee	The trustee.
permissions	The allowed/denied permissions (e.g. READ, WRITE, ...).

◆ AccessControlEntry() [5/5]

AccessControlEntry::AccessControlEntry ( const AccessControlEntry & copy )

noexcept

Initialization of object from other object.

Member Function Documentation

◆ combine()

void AccessControlEntry::combine ( const Permissions & permissions )

noexcept

Combines the specified permissions with the ACE.

Parameters

permissions The permissions to merge with.

◆ filter()

void AccessControlEntry::filter ( AccessMask permissions )

noexcept

Filters out any permissions missing from the specified mask.

◆ getPermissions()

const Permissions& AccessControlEntry::getPermissions ( ) const

inlinenoexcept

Returns the permissions.

◆ getTrustee()

const Trustee& AccessControlEntry::getTrustee ( ) const

inlinenoexcept

Returns the trustee.

◆ grant()

void AccessControlEntry::grant ( AccessMask allowed )

noexcept

Grants the specified permissions.

Parameters

allowed The permissions to allow.

◆ maskToString()

static String AccessControlEntry::maskToString ( AccessMask mask )

static

Returns a string representation of the access mask.

◆ operator=()

AccessControlEntry& AccessControlEntry::operator= ( const AccessControlEntry & assign )

noexcept

Assignment of object by object.

◆ replace()

void AccessControlEntry::replace ( const Permissions & permissions )

noexcept

Replaces the permissions. The denied permissions take precedence over allowed permissions if they conflict.

Parameters

permissions The new permissions.

◆ revoke()

void AccessControlEntry::revoke ( AccessMask denied )

noexcept

Marks the specified permissions as denied.

Parameters

denied The permissions to deny.

Classes

Public Types

Public Member Functions

Static Public Member Functions

Detailed Description

Member Typedef Documentation

◆ AccessMask

Member Enumeration Documentation

◆ CompositePermission

◆ ExplicitPermission

Constructor & Destructor Documentation

◆ AccessControlEntry() [1/5]

◆ AccessControlEntry() [2/5]

◆ AccessControlEntry() [3/5]

◆ AccessControlEntry() [4/5]

◆ AccessControlEntry() [5/5]

Member Function Documentation

◆ combine()

◆ filter()

◆ getPermissions()

◆ getTrustee()

◆ grant()

◆ maskToString()

◆ operator=()

◆ replace()

◆ revoke()