1. /*

  2.  * @(#)AclEntry.java	1.20 04/05/05

  3.  *

  4.  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. 

  8. package java.security.acl;

  9. 

  10. import java.util.Enumeration;

  11. import java.security.Principal;

  12. 

  13. /**

  14.  * This is the interface used for representing one entry in an Access

  15.  * Control List (ACL).<p>

  16.  *

  17.  * An ACL can be thought of as a data structure with multiple ACL entry

  18.  * objects. Each ACL entry object contains a set of permissions associated

  19.  * with a particular principal. (A principal represents an entity such as

  20.  * an individual user or a group). Additionally, each ACL entry is specified

  21.  * as being either positive or negative. If positive, the permissions are

  22.  * to be granted to the associated principal. If negative, the permissions

  23.  * are to be denied. Each principal can have at most one positive ACL entry

  24.  * and one negative entry; that is, multiple positive or negative ACL

  25.  * entries are not allowed for any principal.

  26.  *

  27.  * Note: ACL entries are by default positive. An entry becomes a

  28.  * negative entry only if the

  29.  * {@link #setNegativePermissions() setNegativePermissions}

  30.  * method is called on it.

  31.  *

  32.  * @see java.security.acl.Acl

  33.  *

  34.  * @author 	Satish Dharmaraj

  35.  */

  36. public interface AclEntry extends Cloneable {

  37. 

  38.     /**

  39.      * Specifies the principal for which permissions are granted or denied

  40.      * by this ACL entry. If a principal was already set for this ACL entry,

  41.      * false is returned, otherwise true is returned.

  42.      *

  43.      * @param user the principal to be set for this entry.

  44.      *

  45.      * @return true if the principal is set, false if there was

  46.      * already a principal set for this entry.

  47.      *

  48.      * @see #getPrincipal

  49.      */

  50.     public boolean setPrincipal(Principal user);

  51. 

  52.     /**

  53.      * Returns the principal for which permissions are granted or denied by

  54.      * this ACL entry. Returns null if there is no principal set for this

  55.      * entry yet.

  56.      *

  57.      * @return the principal associated with this entry.

  58.      *

  59.      * @see #setPrincipal

  60.      */

  61.     public Principal getPrincipal();

  62. 

  63.     /**

  64.      * Sets this ACL entry to be a negative one. That is, the associated

  65.      * principal (e.g., a user or a group) will be denied the permission set

  66.      * specified in the entry.

  67.      *

  68.      * Note: ACL entries are by default positive. An entry becomes a

  69.      * negative entry only if this <code>setNegativePermissions</code>

  70.      * method is called on it.

  71.      */

  72.     public void setNegativePermissions();

  73. 

  74.     /**

  75.      * Returns true if this is a negative ACL entry (one denying the

  76.      * associated principal the set of permissions in the entry), false

  77.      * otherwise.

  78.      *

  79.      * @return true if this is a negative ACL entry, false if it's not.

  80.      */

  81.     public boolean isNegative();

  82. 

  83.     /**

  84.      * Adds the specified permission to this ACL entry. Note: An entry can

  85.      * have multiple permissions.

  86.      *

  87.      * @param permission the permission to be associated with

  88.      * the principal in this entry.

  89.      *

  90.      * @return true if the permission was added, false if the

  91.      * permission was already part of this entry's permission set.

  92.      */

  93.     public boolean addPermission(Permission permission);

  94. 

  95.     /**

  96.      * Removes the specified permission from this ACL entry.

  97.      *

  98.      * @param permission the permission to be removed from this entry.

  99.      *

  100.      * @return true if the permission is removed, false if the

  101.      * permission was not part of this entry's permission set.

  102.      */

  103.     public boolean removePermission(Permission permission);

  104. 

  105.     /**

  106.      * Checks if the specified permission is part of the

  107.      * permission set in this entry.

  108.      *

  109.      * @param permission the permission to be checked for.

  110.      *

  111.      * @return true if the permission is part of the

  112.      * permission set in this entry, false otherwise.

  113.      */

  114.     public boolean checkPermission(Permission permission);

  115. 

  116.     /**

  117.      * Returns an enumeration of the permissions in this ACL entry.

  118.      *

  119.      * @return an enumeration of the permissions in this ACL entry.

  120.      */

  121.     public Enumeration<Permission> permissions();

  122. 

  123.     /**

  124.      * Returns a string representation of the contents of this ACL entry.

  125.      *

  126.      * @return a string representation of the contents.

  127.      */

  128.     public String toString();

  129. 

  130.     /**

  131.      * Clones this ACL entry.

  132.      *

  133.      * @return a clone of this ACL entry.

  134.      */

  135.     public Object clone();

  136. }

  137. 

  138.