Package com.illumon.iris.db.v2.permissions

Class FileACLPermission

java.lang.Object

java.security.Permission

java.security.BasicPermission

com.illumon.iris.db.v2.permissions.BaseACLPermission

com.illumon.iris.db.v2.permissions.FileACLPermission

All Implemented Interfaces:

Serializable, Guard

public class FileACLPermission
extends BaseACLPermission

A Java Permission to allow access to locations in the filesystem based on Deephaven ACLs.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor	Description
FileACLPermission(String name)	Creates a new FileACLPermission with the specified name.
FileACLPermission(String name, String actions)	Creates a new FileACLPermission object with the specified name.

Method Summary

Modifier and Type	Method	Description
protected boolean	filterImpliesPermission(SelectFilter filter, Permission permission)	Given a filter and a permission, determine whether that filter implies the specified permission under the rules of a FileACLPermission.
protected boolean	permissionIsRelevant(Permission permission)	Given a permission, immediately indicate whether this permission can possibly imply that type at all.

Methods inherited from class com.illumon.iris.db.v2.permissions.BaseACLPermission

implies

Methods inherited from class java.security.BasicPermission

equals, getActions, hashCode, newPermissionCollection

Methods inherited from class java.security.Permission

checkGuard, getName, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

FileACLPermission

public FileACLPermission(@NotNull String name)

Creates a new FileACLPermission with the specified name. The name is the key that corresponds to a non-table ACL that should be checked. That ACL will then define what directories the current user has access to.

Parameters:

name - the key that corresponds to an ACL that should be checked.

Throws:

NullPointerException - if name is null.

FileACLPermission

public FileACLPermission(@NotNull String name, @Nullable String actions)

Creates a new FileACLPermission object with the specified name. The name is the key that corresponds to a non-table ACL that should be checked, and the actions String is currently unused. Only the custom DatabaseQueryingPolicy knows about the Database we need access to, so if we're not using the custom policy, we can't use a FileACLPermission either.

Parameters:

name - the key that should be looked up to get the permission definition.

actions - ignored.

Throws:

NullPointerException - if name is null.

Method Details

permissionIsRelevant

protected boolean permissionIsRelevant(Permission permission)

Given a permission, immediately indicate whether this permission can possibly imply that type at all.

Specified by:

permissionIsRelevant in class BaseACLPermission

Parameters:

permission - The Permission being requested

Returns:

True if the Permission is a FilePermission, false otherwise

filterImpliesPermission

protected boolean filterImpliesPermission(SelectFilter filter, Permission permission)

Given a filter and a permission, determine whether that filter implies the specified permission under the rules of a FileACLPermission.

Specified by:

filterImpliesPermission in class BaseACLPermission

Parameters:

filter - The SelectFilter that may be of this type

permission - The Permission being requested

Returns:

True if the filter is a FileACLFilter that grants the requested access type to the requested Permission.