com.entrust.toolkit.util

Class FilePermissions

java.lang.Object

com.entrust.toolkit.util.FilePermissions

public final class FilePermissions
extends java.lang.Object

Utility class to set the read/write permissions on a file.

The permissions that can be set on a file are dependent on the capabilities of the underlying operating system. Therefore, a file access level (such as OWNER) will have a similar but slightly different implementation depending on the operating system. Two models of file permissions are supported:

• Operating systems that support the POSIX standard, such as *NIX systems
• Operating systems that support the Access Control List (ACL) model as specified in RFC 3530 (Network File System Protocol), such as Microsoft Windows

For a description of the supported access levels see FilePermissions.FILE_ACCESS below.

For details on the specific operating system file permissions that get set for each of these levels (for example, the read-write permissions), see the setAccessLevel(FILE_ACCESS) and setAccessLevel(FILE_ACCESS, boolean) methods.

The default is OWNER level. That is, if setAccessLevel() is not called, then OWNER level will be used.

This class can be used in two ways:

• Use the default behaviours:
• Create an instance of FilePermission(). This uses the default OWNER level.
• Call setFilePermissions(File filename)
• Override the defaults using the static method
• Call setFilePermissions(File file, FILE_ACCESS fileAccess, boolean overrideFilePermissionsSystemDefaultProperty, boolean writable)

Functionally, the two ways are similar. The first way lets you use the defaults without having to specify an access level. (Additionally, the setAccessLevel() can still be called on the instance, to override the default level: this is convenient if the decision of what access level to use occurs at a different place in your code from when you actually create the file (and set the permission). The second way is convenient if the determination of the access level and the creation of the file occur at the same place in your code.

The system wide default can be changed to SYSTEM_DEFAULT by setting the following custom JVM boolean property that is supported by the Entrust Java Toolkit: com.entrust.toolkit.security.file.permissions.systemDefault. (For example, by configuring -Dcom.entrust.toolkit.security.file.permissions.systemDefault=true).

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	FilePermissions.FILE_ACCESS Defines the different levels of access permissions that are supported.

Constructor Summary

Constructors

Constructor and Description
FilePermissions()

Method Summary

Modifier and Type	Method and Description
boolean	isSystemDefaultLevel() Indicates if the access level is set to SYSTEM_DEFAULT
boolean	setAccessLevel(FilePermissions.FILE_ACCESS access) Specify the level of access (and override the default).
boolean	setAccessLevel(FilePermissions.FILE_ACCESS access, boolean writable) Specify the level of access (and override the default).
boolean	setFilePermissions(java.io.File filename) Set the file permissions on a file.
static boolean	setFilePermissions(java.io.File file, FilePermissions.FILE_ACCESS fileAccess, boolean overrideFilePermissionsSystemDefaultProperty, boolean writable) Set the permissions on a file by specifying the required access level.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

FilePermissions

public FilePermissions()

Method Detail

setAccessLevel

public boolean setAccessLevel(FilePermissions.FILE_ACCESS access)

Specify the level of access (and override the default).

Parameters:

access - The requested access level.

Returns:

boolean True if the file system supports the requested level of access. False otherwise (and the existing access level is not changed).

setAccessLevel

public boolean setAccessLevel(FilePermissions.FILE_ACCESS access,
                              boolean writable)

Specify the level of access (and override the default).

Parameters:

access - The requested access level.

writable - Set write access for 'group' or 'all' levels. Supported only on POSIX.

Returns:

boolean True if the file system supports the requested level of access. False otherwise (and the existing access level is not changed).

isSystemDefaultLevel

public boolean isSystemDefaultLevel()

Indicates if the access level is set to SYSTEM_DEFAULT

Returns:

True if the access level is SYSTEM_DEFAULT, false otherwise.

setFilePermissions

public boolean setFilePermissions(java.io.File filename)
                           throws java.nio.file.FileSystemException

Set the file permissions on a file. (The permissions that are used are as specified by the previous call to setAccessLevel(), or the default level if setAccessLevel() was not called.) If the underlying operating system platform could not be determined, then the file permissions are not changed.

Parameters:

filename - The file to set the file permissions on.

Returns:

boolean True if the file permissions were changed. False otherwise, and the existing permissions are not changed. (This would occur if the requested level is not supported on the operating system, or if the JVM systemDefault property is set and is not being overridden).

Throws:

java.nio.file.FileSystemException - If the permissions could not be changed.

setFilePermissions

public static boolean setFilePermissions(java.io.File file,
                                         FilePermissions.FILE_ACCESS fileAccess,
                                         boolean overrideFilePermissionsSystemDefaultProperty,
                                         boolean writable)
                                  throws java.nio.file.FileSystemException

Set the permissions on a file by specifying the required access level.

Parameters:

file - The file to set the file permissions on.

fileAccess - The level of access to set on the file

overrideFilePermissionsSystemDefaultProperty - If the specified access level should override the JVM property 'com.entrust.toolkit.security.file.permissions.systemDefault' if it is enabled

writable - Set write access for 'group' or 'all' levels. Supported only on POSIX (Ignored otherwise).

Returns:

boolean True if the file permissions were changed. False otherwise, and the existing permissions are not changed. (This would occur if the requested level is not supported on the operating system, or if the JVM systemDefault property is set and is not being overridden).

Throws:

java.nio.file.FileSystemException - If the permissions could not be changed.