1/*
2 * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package java.security.acl;
27
28import java.util.Enumeration;
29import java.security.Principal;
30
31/**
32 * This is the interface used for representing one entry in an Access
33 * Control List (ACL).<p>
34 *
35 * An ACL can be thought of as a data structure with multiple ACL entry
36 * objects. Each ACL entry object contains a set of permissions associated
37 * with a particular principal. (A principal represents an entity such as
38 * an individual user or a group). Additionally, each ACL entry is specified
39 * as being either positive or negative. If positive, the permissions are
40 * to be granted to the associated principal. If negative, the permissions
41 * are to be denied. Each principal can have at most one positive ACL entry
42 * and one negative entry; that is, multiple positive or negative ACL
43 * entries are not allowed for any principal.
44 *
45 * Note: ACL entries are by default positive. An entry becomes a
46 * negative entry only if the
47 * {@link #setNegativePermissions() setNegativePermissions}
48 * method is called on it.
49 *
50 * @see java.security.acl.Acl
51 *
52 * @author      Satish Dharmaraj
53 * @since 1.1
54 *
55 * @deprecated This package has been replaced by {@code java.security.Policy}
56 *      and related classes since 1.2.
57 */
58@Deprecated(since="9")
59public interface AclEntry extends Cloneable {
60
61    /**
62     * Specifies the principal for which permissions are granted or denied
63     * by this ACL entry. If a principal was already set for this ACL entry,
64     * false is returned, otherwise true is returned.
65     *
66     * @param user the principal to be set for this entry.
67     *
68     * @return true if the principal is set, false if there was
69     * already a principal set for this entry.
70     *
71     * @see #getPrincipal
72     */
73    public boolean setPrincipal(Principal user);
74
75    /**
76     * Returns the principal for which permissions are granted or denied by
77     * this ACL entry. Returns null if there is no principal set for this
78     * entry yet.
79     *
80     * @return the principal associated with this entry.
81     *
82     * @see #setPrincipal
83     */
84    public Principal getPrincipal();
85
86    /**
87     * Sets this ACL entry to be a negative one. That is, the associated
88     * principal (e.g., a user or a group) will be denied the permission set
89     * specified in the entry.
90     *
91     * Note: ACL entries are by default positive. An entry becomes a
92     * negative entry only if this {@code setNegativePermissions}
93     * method is called on it.
94     */
95    public void setNegativePermissions();
96
97    /**
98     * Returns true if this is a negative ACL entry (one denying the
99     * associated principal the set of permissions in the entry), false
100     * otherwise.
101     *
102     * @return true if this is a negative ACL entry, false if it's not.
103     */
104    public boolean isNegative();
105
106    /**
107     * Adds the specified permission to this ACL entry. Note: An entry can
108     * have multiple permissions.
109     *
110     * @param permission the permission to be associated with
111     * the principal in this entry.
112     *
113     * @return true if the permission was added, false if the
114     * permission was already part of this entry's permission set.
115     */
116    public boolean addPermission(Permission permission);
117
118    /**
119     * Removes the specified permission from this ACL entry.
120     *
121     * @param permission the permission to be removed from this entry.
122     *
123     * @return true if the permission is removed, false if the
124     * permission was not part of this entry's permission set.
125     */
126    public boolean removePermission(Permission permission);
127
128    /**
129     * Checks if the specified permission is part of the
130     * permission set in this entry.
131     *
132     * @param permission the permission to be checked for.
133     *
134     * @return true if the permission is part of the
135     * permission set in this entry, false otherwise.
136     */
137    public boolean checkPermission(Permission permission);
138
139    /**
140     * Returns an enumeration of the permissions in this ACL entry.
141     *
142     * @return an enumeration of the permissions in this ACL entry.
143     */
144    public Enumeration<Permission> permissions();
145
146    /**
147     * Returns a string representation of the contents of this ACL entry.
148     *
149     * @return a string representation of the contents.
150     */
151    public String toString();
152
153    /**
154     * Clones this ACL entry.
155     *
156     * @return a clone of this ACL entry.
157     */
158    public Object clone();
159}
160