Endpoint

/v1/files/{ref}/info/acl/explain-rights

POST

Explain how rights are granted to a user for a file/directory.

Parameters

Name Description Required
ref The file ID or the absolute path to the file system object. File IDs can be found in the id field of responses of APIs that return file attributes. You must URL-encode the paths. The APIs & Tools page in the Qumulo Core Web UI URL-encodes the paths. Yes
snapshot The snapshot ID that specifies the version of the filesystem to use. If not specified, use the head version. No

Request

Schema

{
  "description": "api_files_effective_rights_post",
  "type": "object",
  "properties": {
    "user": {
      "description": "The user for whom to explain effective rights.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "primary_group": {
      "description": "The user's primary group.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "auxiliary_identities": {
      "type": "array",
      "items": {
        "description": "Any auxiliary identities for the user, e.g. additional groups or related identities.",
        "type": "object",
        "properties": {
          "domain": {
            "type": "string",
            "enum": [
              "LOCAL",
              "API_NULL_DOMAIN",
              "WORLD",
              "POSIX_USER",
              "POSIX_GROUP",
              "ACTIVE_DIRECTORY",
              "API_INVALID_DOMAIN",
              "API_RESERVED_DOMAIN",
              "API_INTERNAL_DOMAIN",
              "API_OPERATOR_DOMAIN",
              "API_CREATOR_DOMAIN"
            ],
            "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
          },
          "auth_id": {
            "description": "auth_id",
            "type": "string"
          },
          "uid": {
            "description": "uid",
            "type": "number"
          },
          "gid": {
            "description": "gid",
            "type": "number"
          },
          "sid": {
            "description": "sid",
            "type": "string"
          },
          "name": {
            "description": "name",
            "type": "string"
          }
        }
      }
    }
  }
}

Response

Codes

Code Description
200 Return value on success

Schema

{
  "description": "api_files_effective_rights_explanation",
  "type": "object",
  "properties": {
    "owner": {
      "description": "The user that owns the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "group_owner": {
      "description": "The group-owner for the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "requestor": {
      "description": "The full identity whose rights are described.",
      "type": "object",
      "properties": {
        "user": {
          "description": "The user for whose rights are being explained.",
          "type": "object",
          "properties": {
            "domain": {
              "type": "string",
              "enum": [
                "LOCAL",
                "API_NULL_DOMAIN",
                "WORLD",
                "POSIX_USER",
                "POSIX_GROUP",
                "ACTIVE_DIRECTORY",
                "API_INVALID_DOMAIN",
                "API_RESERVED_DOMAIN",
                "API_INTERNAL_DOMAIN",
                "API_OPERATOR_DOMAIN",
                "API_CREATOR_DOMAIN"
              ],
              "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
            },
            "auth_id": {
              "description": "auth_id",
              "type": "string"
            },
            "uid": {
              "description": "uid",
              "type": "number"
            },
            "gid": {
              "description": "gid",
              "type": "number"
            },
            "sid": {
              "description": "sid",
              "type": "string"
            },
            "name": {
              "description": "name",
              "type": "string"
            }
          }
        },
        "primary_group": {
          "description": "The user's primary group.",
          "type": "object",
          "properties": {
            "domain": {
              "type": "string",
              "enum": [
                "LOCAL",
                "API_NULL_DOMAIN",
                "WORLD",
                "POSIX_USER",
                "POSIX_GROUP",
                "ACTIVE_DIRECTORY",
                "API_INVALID_DOMAIN",
                "API_RESERVED_DOMAIN",
                "API_INTERNAL_DOMAIN",
                "API_OPERATOR_DOMAIN",
                "API_CREATOR_DOMAIN"
              ],
              "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
            },
            "auth_id": {
              "description": "auth_id",
              "type": "string"
            },
            "uid": {
              "description": "uid",
              "type": "number"
            },
            "gid": {
              "description": "gid",
              "type": "number"
            },
            "sid": {
              "description": "sid",
              "type": "string"
            },
            "name": {
              "description": "name",
              "type": "string"
            }
          }
        },
        "auxiliary_identities": {
          "type": "array",
          "items": {
            "description": "Any auxiliary identities for the user, e.g. additional groups or related identities.",
            "type": "object",
            "properties": {
              "domain": {
                "type": "string",
                "enum": [
                  "LOCAL",
                  "API_NULL_DOMAIN",
                  "WORLD",
                  "POSIX_USER",
                  "POSIX_GROUP",
                  "ACTIVE_DIRECTORY",
                  "API_INVALID_DOMAIN",
                  "API_RESERVED_DOMAIN",
                  "API_INTERNAL_DOMAIN",
                  "API_OPERATOR_DOMAIN",
                  "API_CREATOR_DOMAIN"
                ],
                "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
              },
              "auth_id": {
                "description": "auth_id",
                "type": "string"
              },
              "uid": {
                "description": "uid",
                "type": "number"
              },
              "gid": {
                "description": "gid",
                "type": "number"
              },
              "sid": {
                "description": "sid",
                "type": "string"
              },
              "name": {
                "description": "name",
                "type": "string"
              }
            }
          }
        }
      }
    },
    "admin_priv_rights": {
      "description": "Rights granted by possessing the administrator privilege.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights granted by possessing the administrator privilege.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "read_attr_priv_rights": {
      "description": "Rights granted by possessing the privilege to read attributes.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights granted by possessing the privilege to read attributes.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "annotated_aces": {
      "type": "array",
      "items": {
        "description": "An ACE-by-ACE explanation of rights granted to the user.",
        "type": "object",
        "properties": {
          "ace": {
            "description": "Exact copy of the FS ACE.",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED,\n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
                }
              }
            }
          },
          "trustee_matches": {
            "description": "Whether this ACE's trustee matches the user in question.",
            "type": "boolean"
          },
          "skipped_inherit_only": {
            "description": "Whether this ACE does not affect rights due to being inherit-only.",
            "type": "boolean"
          },
          "newly_allowed": {
            "description": "Rights allowed by the current ACE.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "READ",
                "READ_EA",
                "READ_ATTR",
                "READ_ACL",
                "WRITE_EA",
                "WRITE_ATTR",
                "WRITE_ACL",
                "CHANGE_OWNER",
                "WRITE_GROUP",
                "DELETE",
                "EXECUTE",
                "MODIFY",
                "EXTEND",
                "ADD_FILE",
                "ADD_SUBDIR",
                "DELETE_CHILD",
                "SYNCHRONIZE",
                "ALL"
              ],
              "description": "Rights allowed by the current ACE.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
            }
          },
          "cumulative_allowed": {
            "description": "Rights allowed in total so far.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "READ",
                "READ_EA",
                "READ_ATTR",
                "READ_ACL",
                "WRITE_EA",
                "WRITE_ATTR",
                "WRITE_ACL",
                "CHANGE_OWNER",
                "WRITE_GROUP",
                "DELETE",
                "EXECUTE",
                "MODIFY",
                "EXTEND",
                "ADD_FILE",
                "ADD_SUBDIR",
                "DELETE_CHILD",
                "SYNCHRONIZE",
                "ALL"
              ],
              "description": "Rights allowed in total so far.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
            }
          },
          "newly_denied": {
            "description": "Rights denied by the current ACE.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "READ",
                "READ_EA",
                "READ_ATTR",
                "READ_ACL",
                "WRITE_EA",
                "WRITE_ATTR",
                "WRITE_ACL",
                "CHANGE_OWNER",
                "WRITE_GROUP",
                "DELETE",
                "EXECUTE",
                "MODIFY",
                "EXTEND",
                "ADD_FILE",
                "ADD_SUBDIR",
                "DELETE_CHILD",
                "SYNCHRONIZE",
                "ALL"
              ],
              "description": "Rights denied by the current ACE.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
            }
          },
          "cumulative_denied": {
            "description": "Rights denied in total so far.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "READ",
                "READ_EA",
                "READ_ATTR",
                "READ_ACL",
                "WRITE_EA",
                "WRITE_ATTR",
                "WRITE_ACL",
                "CHANGE_OWNER",
                "WRITE_GROUP",
                "DELETE",
                "EXECUTE",
                "MODIFY",
                "EXTEND",
                "ADD_FILE",
                "ADD_SUBDIR",
                "DELETE_CHILD",
                "SYNCHRONIZE",
                "ALL"
              ],
              "description": "Rights denied in total so far.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
            }
          }
        }
      }
    },
    "rights_from_aces": {
      "description": "Rights granted by the file or directory's ACEs.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights granted by the file or directory's ACEs.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "implicit_owner_rights_suppressed_by_ace": {
      "description": "Whether implicit rights for the owner were suppressed by an ACE for the well-known Owner Rights principal.",
      "type": "boolean"
    },
    "implicit_owner_rights": {
      "description": "Rights implicitly granted because the user in question owns the file or directory.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights implicitly granted because the user in question owns the file or directory.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "implicit_rights_from_parent": {
      "description": "Rights implicitly granted by this file or directory's container.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights implicitly granted by this file or directory's container.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "implicit_rights": {
      "description": "Cumulative rights implicitly granted.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Cumulative rights implicitly granted.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "is_read_only": {
      "description": "Whether the file or directory in question is in read-only mode.",
      "type": "boolean"
    },
    "max_rights": {
      "description": "Maximum rights which may be granted based on share permissions.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Maximum rights which may be granted based on share permissions.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "effective_rights": {
      "description": "Effective rights granted to the user in question for the file or directory.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Effective rights granted to the user in question for the file or directory.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    }
  }
}