Endpoint

/v1/files/{ref}/info/acl/explain-posix-mode

POST

Explain the derived POSIX mode for a file/directory.

Parameters

Name Description Required
ref The file ID or the absolute path to the file system object. File IDs can be found in the id field of responses of APIs that return file attributes. You must URL-encode the paths. The APIs & Tools page in the Qumulo Core Web UI URL-encodes the paths. Yes
snapshot The snapshot ID that specifies the version of the filesystem to use. If not specified, use the head version. No

Response

Codes

Code Description
200 Return value on success

Schema

{
  "description": "api_files_derive_mode_explanation",
  "type": "object",
  "properties": {
    "mode": {
      "description": "The resulting mode",
      "type": "string"
    },
    "owner": {
      "description": "The user that owns the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "group_owner": {
      "description": "The group-owner for the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "posix_special_permissions": {
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "STICKY_BIT",
          "SET_GID",
          "SET_UID"
        ],
        "description": "posix_special_permissions:\n * `SET_GID` - SET_GID,\n * `SET_UID` - SET_UID,\n * `STICKY_BIT` - STICKY_BIT"
      }
    },
    "annotated_acl": {
      "type": "array",
      "items": {
        "description": "The explanation of the ACL's contribution to the derived mode at the point of each ACE.",
        "type": "object",
        "properties": {
          "ace": {
            "description": "Exact copy of the FS ACE.",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - An ACL entry that grants rights,\n * `DENIED` - An ACL entry that denies rights"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ACE_FLAGS_ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ACE_FLAGS_ALL` - All ACE flags,\n * `CONTAINER_INHERIT` - Children that are containers inherit as effective ACE,\n * `INHERITED` - Indicates the ACE was inherited,\n * `INHERIT_ONLY` - Indicates an inherit-only ACE that doesn't control access to the attached object,\n * `NO_PROPAGATE_INHERIT` - Prevent subsequent children from inheriting ACE,\n * `OBJECT_INHERIT` - Non-container children inherit as effective ACE. Container objects inherit as inherit-only ACE"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              }
            }
          },
          "is_inherit_only": {
            "description": "Whether the ACE is inherit-only, and therefore whether we ignore the rights.",
            "type": "boolean"
          },
          "owner_rights": {
            "description": "Owner rights granted by this ACE.",
            "type": "object",
            "properties": {
              "match": {
                "type": "string",
                "enum": [
                  "NONE",
                  "EQUIVALENT",
                  "EVERYONE",
                  "POTENTIALLY_AFFECTED"
                ],
                "description": "Match information for the current ACE trustee, i.e. why the ACE is affecting the mode segment or not.:\n * `EQUIVALENT` - TRUSTEE_MATCH_EQUIVALENT,\n * `EVERYONE` - TRUSTEE_MATCH_EVERYONE,\n * `NONE` - TRUSTEE_MATCH_NONE,\n * `POTENTIALLY_AFFECTED` - TRUSTEE_MATCH_POTENTIALLY_AFFECTED"
              },
              "newly_allowed": {
                "description": "Rights allowed by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_allowed": {
                "description": "Rights allowed in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "newly_denied": {
                "description": "Rights denied by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_denied": {
                "description": "Rights denied in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              }
            }
          },
          "group_rights": {
            "description": "Group rights granted by this ACE.",
            "type": "object",
            "properties": {
              "match": {
                "type": "string",
                "enum": [
                  "NONE",
                  "EQUIVALENT",
                  "EVERYONE",
                  "POTENTIALLY_AFFECTED"
                ],
                "description": "Match information for the current ACE trustee, i.e. why the ACE is affecting the mode segment or not.:\n * `EQUIVALENT` - TRUSTEE_MATCH_EQUIVALENT,\n * `EVERYONE` - TRUSTEE_MATCH_EVERYONE,\n * `NONE` - TRUSTEE_MATCH_NONE,\n * `POTENTIALLY_AFFECTED` - TRUSTEE_MATCH_POTENTIALLY_AFFECTED"
              },
              "newly_allowed": {
                "description": "Rights allowed by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_allowed": {
                "description": "Rights allowed in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "newly_denied": {
                "description": "Rights denied by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_denied": {
                "description": "Rights denied in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              }
            }
          },
          "other_rights": {
            "description": "Other rights granted by this ACE.",
            "type": "object",
            "properties": {
              "match": {
                "type": "string",
                "enum": [
                  "NONE",
                  "EQUIVALENT",
                  "EVERYONE",
                  "POTENTIALLY_AFFECTED"
                ],
                "description": "Match information for the current ACE trustee, i.e. why the ACE is affecting the mode segment or not.:\n * `EQUIVALENT` - TRUSTEE_MATCH_EQUIVALENT,\n * `EVERYONE` - TRUSTEE_MATCH_EVERYONE,\n * `NONE` - TRUSTEE_MATCH_NONE,\n * `POTENTIALLY_AFFECTED` - TRUSTEE_MATCH_POTENTIALLY_AFFECTED"
              },
              "newly_allowed": {
                "description": "Rights allowed by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_allowed": {
                "description": "Rights allowed in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights allowed in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "newly_denied": {
                "description": "Rights denied by the current ACE.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied by the current ACE.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              },
              "cumulative_denied": {
                "description": "Rights denied in total so far.",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ACCESS_RIGHTS_ALL"
                  ],
                  "description": "Rights denied in total so far.:\n * `ACCESS_RIGHTS_ALL` - All access rights,\n * `ADD_FILE` - File creation access,\n * `ADD_SUBDIR` - Directory creation access,\n * `CHANGE_OWNER` - Owner write access,\n * `DELETE` - Delete access,\n * `DELETE_CHILD` - Delete from directory access,\n * `EXECUTE` - Execute access,\n * `EXTEND` - File extension access,\n * `MODIFY` - File modification access,\n * `READ` - File read access,\n * `READ_ACL` - ACL read access,\n * `READ_ATTR` - Attribute read access,\n * `READ_EA` - Extended attribute read access,\n * `SYNCHRONIZE` - File synchronize access,\n * `WRITE_ACL` - ACL write access,\n * `WRITE_ATTR` - Attribute write access,\n * `WRITE_EA` - Extended attribute write access,\n * `WRITE_GROUP` - Group write access"
                }
              }
            }
          },
          "mode_bits_granted": {
            "description": "Mode bits granted by this ACE after previous DENYs are applied.",
            "type": "string"
          }
        }
      }
    }
  }
}