org.opends.server.types
Class FilePermission

java.lang.Object
  extended by org.opends.server.types.FilePermission

@PublicAPI(stability=VOLATILE,
           mayInstantiate=true,
           mayExtend=false,
           mayInvoke=true)
public class FilePermission
extends java.lang.Object

This class provides a mechanism for setting file permissions in a more abstract manner than is provided by the underlying operating system and/or filesystem. It uses a traditional UNIX-style rwx/ugo representation for the permissions and converts them as necessary to the scheme used by the underlying platform. It does not provide any mechanism for getting file permissions, nor does it provide any way of dealing with file ownership or ACLs.

Note that the mechanism used to perform this work on UNIX systems is based on executing the chmod command on the underlying system. This should be a safe operation because the Directory Server startup scripts should explicitly specify the PATH that should be used. Nevertheless, it is possible to prevent the server from using the Runtime.exec method by setting the org.opends.server.DisableExec system property with a value of "true".


Field Summary
static int GROUP_EXECUTABLE
          The bitmask that should be used for indicating whether a file is executable by members of its group.
static int GROUP_READABLE
          The bitmask that should be used for indicating whether a file is readable by members of its group.
static int GROUP_WRITABLE
          The bitmask that should be used for indicating whether a file is writable by members of its group.
static int OTHER_EXECUTABLE
          The bitmask that should be used for indicating whether a file is executable by users other than the owner or group members.
static int OTHER_READABLE
          The bitmask that should be used for indicating whether a file is readable by users other than the owner or group members.
static int OTHER_WRITABLE
          The bitmask that should be used for indicating whether a file is writable by users other than the owner or group members.
static int OWNER_EXECUTABLE
          The bitmask that should be used for indicating whether a file is executable by its owner.
static int OWNER_READABLE
          The bitmask that should be used for indicating whether a file is readable by its owner.
static int OWNER_WRITABLE
          The bitmask that should be used for indicating whether a file is writable by its owner.
 
Constructor Summary
FilePermission(boolean ownerReadable, boolean ownerWritable, boolean ownerExecutable)
          Creates a new file permission with the specified rights for the file owner.
FilePermission(boolean ownerReadable, boolean ownerWritable, boolean ownerExecutable, boolean groupReadable, boolean groupWritable, boolean groupExecutable, boolean otherReadable, boolean otherWritable, boolean otherExecutable)
          Creates a new file permission with the specified rights for the file owner, group members, and other users.
FilePermission(int encodedPermission)
          Creates a new file permission object with the provided encoded representation.
 
Method Summary
static boolean canSetPermissions()
          Indicates whether the there is a mechanism available for setting permissions in the underlying filesystem on the current platform.
static FilePermission decodeUNIXMode(java.lang.String modeString)
          Decodes the provided string as a UNIX mode and retrieves the corresponding file permission.
 boolean isGroupExecutable()
          Indicates whether this file permission includes the group execute permission.
 boolean isGroupReadable()
          Indicates whether this file permission includes the group read permission.
 boolean isGroupWritable()
          Indicates whether this file permission includes the group write permission.
 boolean isOtherExecutable()
          Indicates whether this file permission includes the other execute permission.
 boolean isOtherReadable()
          Indicates whether this file permission includes the other read permission.
 boolean isOtherWritable()
          Indicates whether this file permission includes the other write permission.
 boolean isOwnerExecutable()
          Indicates whether this file permission includes the owner execute permission.
 boolean isOwnerReadable()
          Indicates whether this file permission includes the owner read permission.
 boolean isOwnerWritable()
          Indicates whether this file permission includes the owner write permission.
static boolean setPermissions(java.io.File f, FilePermission p)
          Attempts to set the given permissions on the specified file.
 java.lang.String toString()
          Retrieves a string representation of this file permission.
 void toString(java.lang.StringBuilder buffer)
          Appends a string representation of this file permission to the given buffer.
static java.lang.String toUNIXMode(FilePermission p)
          Retrieves a three-character string that is the UNIX mode for the provided file permission.
static void toUNIXMode(java.lang.StringBuilder buffer, FilePermission p)
          Appends a three-character string that is the UNIX mode for the provided file permission to the given buffer.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

OWNER_READABLE

public static final int OWNER_READABLE
The bitmask that should be used for indicating whether a file is readable by its owner.

See Also:
Constant Field Values

OWNER_WRITABLE

public static final int OWNER_WRITABLE
The bitmask that should be used for indicating whether a file is writable by its owner.

See Also:
Constant Field Values

OWNER_EXECUTABLE

public static final int OWNER_EXECUTABLE
The bitmask that should be used for indicating whether a file is executable by its owner.

See Also:
Constant Field Values

GROUP_READABLE

public static final int GROUP_READABLE
The bitmask that should be used for indicating whether a file is readable by members of its group.

See Also:
Constant Field Values

GROUP_WRITABLE

public static final int GROUP_WRITABLE
The bitmask that should be used for indicating whether a file is writable by members of its group.

See Also:
Constant Field Values

GROUP_EXECUTABLE

public static final int GROUP_EXECUTABLE
The bitmask that should be used for indicating whether a file is executable by members of its group.

See Also:
Constant Field Values

OTHER_READABLE

public static final int OTHER_READABLE
The bitmask that should be used for indicating whether a file is readable by users other than the owner or group members.

See Also:
Constant Field Values

OTHER_WRITABLE

public static final int OTHER_WRITABLE
The bitmask that should be used for indicating whether a file is writable by users other than the owner or group members.

See Also:
Constant Field Values

OTHER_EXECUTABLE

public static final int OTHER_EXECUTABLE
The bitmask that should be used for indicating whether a file is executable by users other than the owner or group members.

See Also:
Constant Field Values
Constructor Detail

FilePermission

public FilePermission(int encodedPermission)
Creates a new file permission object with the provided encoded representation.

Parameters:
encodedPermission - The encoded representation for this file permission.

FilePermission

public FilePermission(boolean ownerReadable,
                      boolean ownerWritable,
                      boolean ownerExecutable)
Creates a new file permission with the specified rights for the file owner. Users other than the owner will not have any rights.

Parameters:
ownerReadable - Indicates whether the owner should have the read permission.
ownerWritable - Indicates whether the owner should have the write permission.
ownerExecutable - Indicates whether the owner should have the execute permission.

FilePermission

public FilePermission(boolean ownerReadable,
                      boolean ownerWritable,
                      boolean ownerExecutable,
                      boolean groupReadable,
                      boolean groupWritable,
                      boolean groupExecutable,
                      boolean otherReadable,
                      boolean otherWritable,
                      boolean otherExecutable)
Creates a new file permission with the specified rights for the file owner, group members, and other users.

Parameters:
ownerReadable - Indicates whether the owner should have the read permission.
ownerWritable - Indicates whether the owner should have the write permission.
ownerExecutable - Indicates whether the owner should have the execute permission.
groupReadable - Indicates whether members of the file's group should have the read permission.
groupWritable - Indicates whether members of the file's group should have the write permission.
groupExecutable - Indicates whether members of the file's group should have the execute permission.
otherReadable - Indicates whether other users should have the read permission.
otherWritable - Indicates whether other users should have the write permission.
otherExecutable - Indicates whether other users should have the execute permission.
Method Detail

isOwnerReadable

public boolean isOwnerReadable()
Indicates whether this file permission includes the owner read permission.

Returns:
true if this file permission includes the owner read permission, or false if not.

isOwnerWritable

public boolean isOwnerWritable()
Indicates whether this file permission includes the owner write permission.

Returns:
true if this file permission includes the owner write permission, or false if not.

isOwnerExecutable

public boolean isOwnerExecutable()
Indicates whether this file permission includes the owner execute permission.

Returns:
true if this file permission includes the owner execute permission, or false if not.

isGroupReadable

public boolean isGroupReadable()
Indicates whether this file permission includes the group read permission.

Returns:
true if this file permission includes the group read permission, or false if not.

isGroupWritable

public boolean isGroupWritable()
Indicates whether this file permission includes the group write permission.

Returns:
true if this file permission includes the group write permission, or false if not.

isGroupExecutable

public boolean isGroupExecutable()
Indicates whether this file permission includes the group execute permission.

Returns:
true if this file permission includes the group execute permission, or false if not.

isOtherReadable

public boolean isOtherReadable()
Indicates whether this file permission includes the other read permission.

Returns:
true if this file permission includes the other read permission, or false if not.

isOtherWritable

public boolean isOtherWritable()
Indicates whether this file permission includes the other write permission.

Returns:
true if this file permission includes the other write permission, or false if not.

isOtherExecutable

public boolean isOtherExecutable()
Indicates whether this file permission includes the other execute permission.

Returns:
true if this file permission includes the other execute permission, or false if not.

canSetPermissions

public static boolean canSetPermissions()
Indicates whether the there is a mechanism available for setting permissions in the underlying filesystem on the current platform.

Returns:
true if there is a mechanism available for setting file permissions on the underlying system (e.g., if the server is running in a Java 6 environment, or if this is a UNIX-based system and the use of exec is allowed), or false if no such mechanism is available.

setPermissions

public static boolean setPermissions(java.io.File f,
                                     FilePermission p)
                              throws java.io.FileNotFoundException,
                                     DirectoryException
Attempts to set the given permissions on the specified file. If the underlying platform does not allow the full level of granularity specified in the permissions, then an attempt will be made to set them as closely as possible to the provided permissions, erring on the side of security.

Parameters:
f - The file to which the permissions should be applied.
p - The permissions to apply to the file.
Returns:
true if the permissions (or the nearest equivalent) were successfully applied to the specified file, or false if was not possible to set the permissions on the current platform.
Throws:
java.io.FileNotFoundException - If the specified file does not exist.
DirectoryException - If a problem occurs while trying to set the file permissions.

toUNIXMode

public static java.lang.String toUNIXMode(FilePermission p)
Retrieves a three-character string that is the UNIX mode for the provided file permission. Each character of the string will be a numeric digit from zero through seven.

Parameters:
p - The permission to retrieve as a UNIX mode string.
Returns:
The UNIX mode string for the provided permission.

toUNIXMode

public static void toUNIXMode(java.lang.StringBuilder buffer,
                              FilePermission p)
Appends a three-character string that is the UNIX mode for the provided file permission to the given buffer. Each character of the string will be anumeric digit from zero through seven.

Parameters:
buffer - The buffer to which the mode string should be appended.
p - The permission to retrieve as a UNIX mode string.

decodeUNIXMode

public static FilePermission decodeUNIXMode(java.lang.String modeString)
                                     throws DirectoryException
Decodes the provided string as a UNIX mode and retrieves the corresponding file permission. The mode string must contain three digits between zero and seven.

Parameters:
modeString - The string representation of the UNIX mode to decode.
Returns:
The file permission that is equivalent to the given UNIX mode.
Throws:
DirectoryException - If the provided string is not a valid three-digit UNIX mode.

toString

public java.lang.String toString()
Retrieves a string representation of this file permission.

Overrides:
toString in class java.lang.Object
Returns:
A string representation of this file permission.

toString

public void toString(java.lang.StringBuilder buffer)
Appends a string representation of this file permission to the given buffer.

Parameters:
buffer - The buffer to which the data should be appended.