class OodSupport::ACLs::Nfs4Entry

Object describing single NFSv4 ACL entry

Constants

REGEX_PATTERN

Regular expression used when parsing ACL entry string

VALID_FLAG

Valid flags for an ACL entry

VALID_PERMISSION

Valid permissions for an ACL entry

VALID_TYPE

Valid types for an ACL entry

Attributes

domain[R]

Domain of ACL entry @return [String] domain of acl entry

flags[R]

Flags set on ACL entry @return [Array<Symbol>] flags on acl entry

permissions[R]

Permissions of ACL entry @return [Array<Symbol>] permissions of acl entry

type[R]

Type of ACL entry @return [Symbol] type of acl entry

Public Class Methods

new(type:, flags:, domain:, permissions:, **kwargs) click to toggle source

@param type [#to_sym] type of acl entry @param flags [Array<#to_sym>] list of flags for entry @param domain [#to_s] domain of principle @param permissions [Array<#to_sym>] list of permissions for entry @see ACLEntry#initialize

Calls superclass method OodSupport::ACLEntry::new
# File lib/ood_support/acls/nfs4.rb, line 158
def initialize(type:, flags:, domain:, permissions:, **kwargs)
  @type = type.to_sym
  @flags = flags.map(&:to_sym)
  @domain = domain.to_s
  @permissions = permissions.map(&:to_sym)
  super(kwargs)
end

Private Class Methods

parse_entry(entry) click to toggle source

Parse an entry string into input parameters

# File lib/ood_support/acls/nfs4.rb, line 248
def self.parse_entry(entry)
  e = REGEX_PATTERN.match(entry.to_s.strip) do |m|
    {
      type:        m[:type],
      flags:       m[:flags].chars,
      principle:   m[:principle],
      domain:      m[:domain],
      permissions: m[:permissions].chars
    }
  end
  e ? e : raise(InvalidACLEntry, "invalid entry: #{entry}")
end

Public Instance Methods

group_entry?() click to toggle source

Is this a group-specific ACL entry @return [Boolean] is this a group entry

# File lib/ood_support/acls/nfs4.rb, line 211
def group_entry?
  flags.include? :g
end
group_owner_entry?() click to toggle source

Is this the owning group ACL entry @return [Boolean] is this the owning group entry

# File lib/ood_support/acls/nfs4.rb, line 229
def group_owner_entry?
  group_entry? && principle == "GROUP"
end
has_permission?(permission:) click to toggle source

Does this entry have the requested permission @param permission [#to_sym] the requested permission @return [Boolean] found this permission

# File lib/ood_support/acls/nfs4.rb, line 236
def has_permission?(permission:)
  permissions.include? permission.to_sym
end
is_allow?() click to toggle source

Is this an “allow” ACL entry @return [Boolean] is this an allow entry

# File lib/ood_support/acls/nfs4.rb, line 168
def is_allow?
  type == :A
end
is_deny?() click to toggle source

Is this a “deny” ACL entry @return [Boolean] is this a deny entry

# File lib/ood_support/acls/nfs4.rb, line 174
def is_deny?
  type == :D
end
match(principle:, permission:, owner:, group:) click to toggle source

Do the requested args match this ACL entry? @param principle [User, Group, to_s] requested principle @param permission [#to_sym] requested permission @param owner [String] owner of corresponding ACL @param group [String] owning group of corresponding ACL @raise [ArgumentError] principle isn't {User} or {Group} object @return [Boolean] does this match this entry

# File lib/ood_support/acls/nfs4.rb, line 185
def match(principle:, permission:, owner:, group:)
  principle = User.new(principle) if (!principle.is_a?(User) && !principle.is_a?(Group))
  return false unless has_permission?(permission: permission)
  # Ignore domain, I don't want or care to check for domain matches
  p = self.principle
  p = owner if user_owner_entry?
  p = group if group_owner_entry?
  if (principle.is_a?(User) && group_entry?)
    principle.groups.include?(p)
  elsif (principle.is_a?(User) && user_entry?) || (principle.is_a?(Group) && group_entry?)
    principle == p
  elsif other_entry?
    true
  else
    false
  end
end
other_entry?() click to toggle source

Is this an other-specific ACL entry @return [Boolean] is this an other entry

# File lib/ood_support/acls/nfs4.rb, line 217
def other_entry?
  principle == "EVERYONE"
end
to_s() click to toggle source

Convert object to string @return [String] the string describing this object

# File lib/ood_support/acls/nfs4.rb, line 242
def to_s
  "#{type}:#{flags.join}:#{principle}@#{domain}:#{permissions.join}"
end
user_entry?() click to toggle source

Is this a user-specific ACL entry @return [Boolean] is this a user entry

# File lib/ood_support/acls/nfs4.rb, line 205
def user_entry?
  !group_entry? && !other_entry?
end
user_owner_entry?() click to toggle source

Is this the owner ACL entry @return [Boolean] is this the owner entry

# File lib/ood_support/acls/nfs4.rb, line 223
def user_owner_entry?
  user_entry? && principle == "OWNER"
end