Explain how rights are granted to a user for a file/directory.
{
"description" : "api_files_effective_rights_explanation" ,
"type" : "object" ,
"properties" : {
"owner" : {
"description" : "The user that owns the file." ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
},
"group_owner" : {
"description" : "The group-owner for the file." ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
},
"requestor" : {
"description" : "The full identity whose rights are described." ,
"type" : "object" ,
"properties" : {
"user" : {
"description" : "The user for whose rights are being explained." ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
},
"primary_group" : {
"description" : "The user's primary group." ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
},
"auxiliary_identities" : {
"type" : "array" ,
"items" : {
"description" : "Any auxiliary identities for the user, e.g. additional groups or related identities." ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
}
}
}
},
"admin_priv_rights" : {
"description" : "Rights granted by possessing the administrator privilege." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights granted by possessing the administrator privilege.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"read_attr_priv_rights" : {
"description" : "Rights granted by possessing the privilege to read attributes." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights granted by possessing the privilege to read attributes.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"annotated_aces" : {
"type" : "array" ,
"items" : {
"description" : "An ACE-by-ACE explanation of rights granted to the user." ,
"type" : "object" ,
"properties" : {
"ace" : {
"description" : "Exact copy of the FS ACE." ,
"type" : "object" ,
"properties" : {
"type" : {
"type" : "string" ,
"enum" : [
"ALLOWED" ,
"DENIED"
],
"description" : "Type of this ACL entry: \n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED, \n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
},
"flags" : {
"description" : "ACE flags for this ACL entry" ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACE_FLAG_OBJECT_INHERIT" ,
"API_FILES_ACE_FLAG_CONTAINER_INHERIT" ,
"API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT" ,
"API_FILES_ACE_FLAG_INHERIT_ONLY" ,
"API_FILES_ACE_FLAG_INHERITED" ,
"API_FILES_ACE_FLAG_ALL"
],
"description" : "ACE flags for this ACL entry: \n * `API_FILES_ACE_FLAG_ALL` - All ACE flags, \n * `API_FILES_ACE_FLAG_CONTAINER_INHERIT` - Children that are containers inherit as effective ACE, \n * `API_FILES_ACE_FLAG_INHERITED` - Indicates the ACE was inherited, \n * `API_FILES_ACE_FLAG_INHERIT_ONLY` - Indicates an inherit-only ACE that doesn't control access to the attached object, \n * `API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT` - Prevent subsequent children from inheriting ACE, \n * `API_FILES_ACE_FLAG_OBJECT_INHERIT` - Non-container children inherit as effective ACE. Container objects inherit as inherit-only ACE"
}
},
"trustee" : {
"description" : "Trustee for this ACL entry" ,
"type" : "object" ,
"properties" : {
"domain" : {
"type" : "string" ,
"enum" : [
"LOCAL" ,
"API_NULL_DOMAIN" ,
"WORLD" ,
"POSIX_USER" ,
"POSIX_GROUP" ,
"ACTIVE_DIRECTORY" ,
"API_INVALID_DOMAIN" ,
"API_RESERVED_DOMAIN" ,
"API_INTERNAL_DOMAIN" ,
"API_OPERATOR_DOMAIN" ,
"API_CREATOR_DOMAIN"
],
"description" : "domain: \n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY, \n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN, \n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN, \n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN, \n * `API_NULL_DOMAIN` - API_NULL_DOMAIN, \n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN, \n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN, \n * `LOCAL` - LOCAL, \n * `POSIX_GROUP` - POSIX_GROUP, \n * `POSIX_USER` - POSIX_USER, \n * `WORLD` - WORLD"
},
"auth_id" : {
"description" : "auth_id" ,
"type" : "string"
},
"uid" : {
"description" : "uid" ,
"type" : "number"
},
"gid" : {
"description" : "gid" ,
"type" : "number"
},
"sid" : {
"description" : "sid" ,
"type" : "string"
},
"name" : {
"description" : "name" ,
"type" : "string"
}
}
},
"rights" : {
"description" : "Rights granted or denied for this ACL entry" ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights granted or denied for this ACL entry: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
}
}
},
"trustee_matches" : {
"description" : "Whether this ACE's trustee matches the user in question." ,
"type" : "boolean"
},
"skipped_inherit_only" : {
"description" : "Whether this ACE does not affect rights due to being inherit-only." ,
"type" : "boolean"
},
"newly_allowed" : {
"description" : "Rights allowed by the current ACE." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights allowed by the current ACE.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"cumulative_allowed" : {
"description" : "Rights allowed in total so far." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights allowed in total so far.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"newly_denied" : {
"description" : "Rights denied by the current ACE." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights denied by the current ACE.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"cumulative_denied" : {
"description" : "Rights denied in total so far." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights denied in total so far.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
}
}
}
},
"rights_from_aces" : {
"description" : "Rights granted by the file or directory's ACEs." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights granted by the file or directory's ACEs.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"implicit_owner_rights_suppressed_by_ace" : {
"description" : "Whether implicit rights for the owner were suppressed by an ACE for the well-known Owner Rights principal." ,
"type" : "boolean"
},
"implicit_owner_rights" : {
"description" : "Rights implicitly granted because the user in question owns the file or directory." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights implicitly granted because the user in question owns the file or directory.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"implicit_rights_from_parent" : {
"description" : "Rights implicitly granted by this file or directory's container." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Rights implicitly granted by this file or directory's container.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"implicit_rights" : {
"description" : "Cumulative rights implicitly granted." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Cumulative rights implicitly granted.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"is_read_only" : {
"description" : "Whether the file or directory in question is in read-only mode." ,
"type" : "boolean"
},
"max_rights" : {
"description" : "Maximum rights which may be granted based on share permissions." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Maximum rights which may be granted based on share permissions.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
},
"effective_rights" : {
"description" : "Effective rights granted to the user in question for the file or directory." ,
"type" : "array" ,
"items" : {
"type" : "string" ,
"enum" : [
"API_FILES_ACCESS_READ" ,
"API_FILES_ACCESS_READ_EA" ,
"API_FILES_ACCESS_READ_ATTR" ,
"API_FILES_ACCESS_READ_ACL" ,
"API_FILES_ACCESS_WRITE_EA" ,
"API_FILES_ACCESS_WRITE_ATTR" ,
"API_FILES_ACCESS_WRITE_ACL" ,
"API_FILES_ACCESS_CHANGE_OWNER" ,
"API_FILES_ACCESS_WRITE_GROUP" ,
"API_FILES_ACCESS_DELETE" ,
"API_FILES_ACCESS_EXECUTE" ,
"API_FILES_ACCESS_MODIFY" ,
"API_FILES_ACCESS_EXTEND" ,
"API_FILES_ACCESS_ADD_FILE" ,
"API_FILES_ACCESS_ADD_SUBDIR" ,
"API_FILES_ACCESS_DELETE_CHILD" ,
"API_FILES_ACCESS_SYNCHRONIZE" ,
"API_FILES_ACCESS_ALL"
],
"description" : "Effective rights granted to the user in question for the file or directory.: \n * `API_FILES_ACCESS_ADD_FILE` - File creation access, \n * `API_FILES_ACCESS_ADD_SUBDIR` - Directory creation access, \n * `API_FILES_ACCESS_ALL` - All access rights, \n * `API_FILES_ACCESS_CHANGE_OWNER` - Owner write access, \n * `API_FILES_ACCESS_DELETE` - Delete access, \n * `API_FILES_ACCESS_DELETE_CHILD` - Delete from directory access, \n * `API_FILES_ACCESS_EXECUTE` - Execute access, \n * `API_FILES_ACCESS_EXTEND` - File extension access, \n * `API_FILES_ACCESS_MODIFY` - File modification access, \n * `API_FILES_ACCESS_READ` - File read access, \n * `API_FILES_ACCESS_READ_ACL` - ACL read access, \n * `API_FILES_ACCESS_READ_ATTR` - Attribute read access, \n * `API_FILES_ACCESS_READ_EA` - Extended attribute read access, \n * `API_FILES_ACCESS_SYNCHRONIZE` - File synchronize access, \n * `API_FILES_ACCESS_WRITE_ACL` - ACL write access, \n * `API_FILES_ACCESS_WRITE_ATTR` - Attribute write access, \n * `API_FILES_ACCESS_WRITE_EA` - Extended attribute write access, \n * `API_FILES_ACCESS_WRITE_GROUP` - Group write access"
}
}
}
} 