Endpoint

/v1/files/{ref}/info/acl/explain-set-mode

POST

Explain the effect of setting a POSIX mode on a file/directory.

Parameters

Name Description Required
ref The file ID or the absolute path to the file system object. File IDs can be found in the id field of responses of APIs that return file attributes. You must URL-encode the paths. The APIs & Tools page in the Qumulo Core Web UI URL-encodes the paths. Yes
snapshot The snapshot ID that specifies the version of the filesystem to use. If not specified, use the head version. No

Request

Schema

{
  "description": "api_files_apply_mode_explanation_post",
  "type": "object",
  "properties": {
    "mode": {
      "description": "POSIX mode to explain application of on a file ACL.",
      "type": "string"
    }
  }
}

Response

Codes

Code Description
200 Return value on success

Schema

{
  "description": "api_files_apply_mode_explanation",
  "type": "object",
  "properties": {
    "owner": {
      "description": "The user that owns the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "group_owner": {
      "description": "The group-owner for the file.",
      "type": "object",
      "properties": {
        "domain": {
          "type": "string",
          "enum": [
            "LOCAL",
            "API_NULL_DOMAIN",
            "WORLD",
            "POSIX_USER",
            "POSIX_GROUP",
            "ACTIVE_DIRECTORY",
            "API_INVALID_DOMAIN",
            "API_RESERVED_DOMAIN",
            "API_INTERNAL_DOMAIN",
            "API_OPERATOR_DOMAIN",
            "API_CREATOR_DOMAIN"
          ],
          "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
        },
        "auth_id": {
          "description": "auth_id",
          "type": "string"
        },
        "uid": {
          "description": "uid",
          "type": "number"
        },
        "gid": {
          "description": "gid",
          "type": "number"
        },
        "sid": {
          "description": "sid",
          "type": "string"
        },
        "name": {
          "description": "name",
          "type": "string"
        }
      }
    },
    "owner_rights_from_mode": {
      "description": "The rights granted to the POSIX owner by the requested mode.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "The rights granted to the POSIX owner by the requested mode.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "group_rights_from_mode": {
      "description": "The rights granted to the POSIX group by the requested mode.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "The rights granted to the POSIX group by the requested mode.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "other_rights_from_mode": {
      "description": "The rights granted to the POSIX other by the requested mode.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "The rights granted to the POSIX other by the requested mode.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "max_extra_ace_allow": {
      "description": "The maximum rights that any extra allow ACE can specify.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "The maximum rights that any extra allow ACE can specify.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "max_extra_ace_deny": {
      "description": "The maximum rights that any extra deny ACE can specify.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "The maximum rights that any extra deny ACE can specify.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "not_produced_by_any_mode": {
      "description": "Rights that are never produced by a POSIX mode bit.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights that are never produced by a POSIX mode bit.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "not_visible_in_mode": {
      "description": "Rights that will never cause a bit to be set in the displayed mode.",
      "type": "array",
      "items": {
        "type": "string",
        "enum": [
          "READ",
          "READ_EA",
          "READ_ATTR",
          "READ_ACL",
          "WRITE_EA",
          "WRITE_ATTR",
          "WRITE_ACL",
          "CHANGE_OWNER",
          "WRITE_GROUP",
          "DELETE",
          "EXECUTE",
          "MODIFY",
          "EXTEND",
          "ADD_FILE",
          "ADD_SUBDIR",
          "DELETE_CHILD",
          "SYNCHRONIZE",
          "ALL"
        ],
        "description": "Rights that will never cause a bit to be set in the displayed mode.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
      }
    },
    "annotated_aces": {
      "type": "array",
      "items": {
        "description": "The annotated steps that would be taken to apply the requested mode to the source ACL.",
        "type": "object",
        "properties": {
          "source_ace": {
            "description": "Original ACE that this step affects.",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED,\n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
                }
              }
            }
          },
          "source_trustee_match": {
            "description": "Describes which POSIX mode classes the source ACE matches.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "POSIX_OWNER",
                "POSIX_GROUP_OWNER",
                "POSIX_OTHERS",
                "NON_POSIX"
              ],
              "description": "Describes which POSIX mode classes the source ACE matches.:\n * `NON_POSIX` - NON_POSIX,\n * `POSIX_GROUP_OWNER` - POSIX_GROUP_OWNER,\n * `POSIX_OTHERS` - POSIX_OTHERS,\n * `POSIX_OWNER` - POSIX_OWNER"
            }
          },
          "action": {
            "type": "string",
            "enum": [
              "COPY_ACE",
              "MODIFY_ACE",
              "INSERT_ACE",
              "REMOVE_ACE"
            ],
            "description": "The action being performed in this step to affect the ACL.:\n * `COPY_ACE` - COPY_ACE,\n * `INSERT_ACE` - INSERT_ACE,\n * `MODIFY_ACE` - MODIFY_ACE,\n * `REMOVE_ACE` - REMOVE_ACE"
          },
          "reason": {
            "description": "An explanation of why the action is being performed.",
            "type": "string"
          },
          "rights_removed": {
            "description": "Any rights that are removed from the source ACE in this step.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "READ",
                "READ_EA",
                "READ_ATTR",
                "READ_ACL",
                "WRITE_EA",
                "WRITE_ATTR",
                "WRITE_ACL",
                "CHANGE_OWNER",
                "WRITE_GROUP",
                "DELETE",
                "EXECUTE",
                "MODIFY",
                "EXTEND",
                "ADD_FILE",
                "ADD_SUBDIR",
                "DELETE_CHILD",
                "SYNCHRONIZE",
                "ALL"
              ],
              "description": "Any rights that are removed from the source ACE in this step.:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
            }
          },
          "flags_removed": {
            "description": "Any flags that are removed from the source ACE in this step.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "OBJECT_INHERIT",
                "CONTAINER_INHERIT",
                "NO_PROPAGATE_INHERIT",
                "INHERIT_ONLY",
                "INHERITED",
                "ALL"
              ],
              "description": "Any flags that are removed from the source ACE in this step.:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
            }
          },
          "flags_added": {
            "description": "Any flags that are added from the source ACE in this step.",
            "type": "array",
            "items": {
              "type": "string",
              "enum": [
                "OBJECT_INHERIT",
                "CONTAINER_INHERIT",
                "NO_PROPAGATE_INHERIT",
                "INHERIT_ONLY",
                "INHERITED",
                "ALL"
              ],
              "description": "Any flags that are added from the source ACE in this step.:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
            }
          },
          "result_ace": {
            "description": "The new ACE produced by this step.",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED,\n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
                }
              }
            }
          }
        }
      }
    },
    "initial_acl": {
      "description": "The ACL originally on the file/directory in question.",
      "type": "object",
      "properties": {
        "control": {
          "description": "control",
          "type": "array",
          "items": {
            "type": "string",
            "enum": [
              "PRESENT",
              "DEFAULTED",
              "TRUSTED",
              "AUTO_INHERIT",
              "PROTECTED",
              "ALL"
            ],
            "description": "control:\n * `ALL` - API_FILES_ACL_CONTROL_ALL,\n * `AUTO_INHERIT` - API_FILES_ACL_CONTROL_AUTO_INHERIT,\n * `DEFAULTED` - API_FILES_ACL_CONTROL_DEFAULTED,\n * `PRESENT` - API_FILES_ACL_CONTROL_PRESENT,\n * `PROTECTED` - API_FILES_ACL_CONTROL_PROTECTED,\n * `TRUSTED` - API_FILES_ACL_CONTROL_TRUSTED"
          }
        },
        "posix_special_permissions": {
          "type": "array",
          "items": {
            "type": "string",
            "enum": [
              "STICKY_BIT",
              "SET_GID",
              "SET_UID"
            ],
            "description": "posix_special_permissions:\n * `SET_GID` - SET_GID,\n * `SET_UID` - SET_UID,\n * `STICKY_BIT` - STICKY_BIT"
          }
        },
        "aces": {
          "type": "array",
          "items": {
            "description": "aces",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED,\n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
                }
              }
            }
          }
        }
      }
    },
    "result_acl": {
      "description": "The ACL that would be produced by applying the requested mode.",
      "type": "object",
      "properties": {
        "control": {
          "description": "control",
          "type": "array",
          "items": {
            "type": "string",
            "enum": [
              "PRESENT",
              "DEFAULTED",
              "TRUSTED",
              "AUTO_INHERIT",
              "PROTECTED",
              "ALL"
            ],
            "description": "control:\n * `ALL` - API_FILES_ACL_CONTROL_ALL,\n * `AUTO_INHERIT` - API_FILES_ACL_CONTROL_AUTO_INHERIT,\n * `DEFAULTED` - API_FILES_ACL_CONTROL_DEFAULTED,\n * `PRESENT` - API_FILES_ACL_CONTROL_PRESENT,\n * `PROTECTED` - API_FILES_ACL_CONTROL_PROTECTED,\n * `TRUSTED` - API_FILES_ACL_CONTROL_TRUSTED"
          }
        },
        "posix_special_permissions": {
          "type": "array",
          "items": {
            "type": "string",
            "enum": [
              "STICKY_BIT",
              "SET_GID",
              "SET_UID"
            ],
            "description": "posix_special_permissions:\n * `SET_GID` - SET_GID,\n * `SET_UID` - SET_UID,\n * `STICKY_BIT` - STICKY_BIT"
          }
        },
        "aces": {
          "type": "array",
          "items": {
            "description": "aces",
            "type": "object",
            "properties": {
              "type": {
                "type": "string",
                "enum": [
                  "ALLOWED",
                  "DENIED"
                ],
                "description": "Type of this ACL entry:\n * `ALLOWED` - API_FILES_ACE_TYPE_ALLOWED,\n * `DENIED` - API_FILES_ACE_TYPE_DENIED"
              },
              "flags": {
                "description": "ACE flags for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "OBJECT_INHERIT",
                    "CONTAINER_INHERIT",
                    "NO_PROPAGATE_INHERIT",
                    "INHERIT_ONLY",
                    "INHERITED",
                    "ALL"
                  ],
                  "description": "ACE flags for this ACL entry:\n * `ALL` - API_FILES_ACE_FLAG_ALL,\n * `CONTAINER_INHERIT` - API_FILES_ACE_FLAG_CONTAINER_INHERIT,\n * `INHERITED` - API_FILES_ACE_FLAG_INHERITED,\n * `INHERIT_ONLY` - API_FILES_ACE_FLAG_INHERIT_ONLY,\n * `NO_PROPAGATE_INHERIT` - API_FILES_ACE_FLAG_NO_PROPAGATE_INHERIT,\n * `OBJECT_INHERIT` - API_FILES_ACE_FLAG_OBJECT_INHERIT"
                }
              },
              "trustee": {
                "description": "Trustee for this ACL entry",
                "type": "object",
                "properties": {
                  "domain": {
                    "type": "string",
                    "enum": [
                      "LOCAL",
                      "API_NULL_DOMAIN",
                      "WORLD",
                      "POSIX_USER",
                      "POSIX_GROUP",
                      "ACTIVE_DIRECTORY",
                      "API_INVALID_DOMAIN",
                      "API_RESERVED_DOMAIN",
                      "API_INTERNAL_DOMAIN",
                      "API_OPERATOR_DOMAIN",
                      "API_CREATOR_DOMAIN"
                    ],
                    "description": "domain:\n * `ACTIVE_DIRECTORY` - ACTIVE_DIRECTORY,\n * `API_CREATOR_DOMAIN` - API_CREATOR_DOMAIN,\n * `API_INTERNAL_DOMAIN` - API_INTERNAL_DOMAIN,\n * `API_INVALID_DOMAIN` - API_INVALID_DOMAIN,\n * `API_NULL_DOMAIN` - API_NULL_DOMAIN,\n * `API_OPERATOR_DOMAIN` - API_OPERATOR_DOMAIN,\n * `API_RESERVED_DOMAIN` - API_RESERVED_DOMAIN,\n * `LOCAL` - LOCAL,\n * `POSIX_GROUP` - POSIX_GROUP,\n * `POSIX_USER` - POSIX_USER,\n * `WORLD` - WORLD"
                  },
                  "auth_id": {
                    "description": "auth_id",
                    "type": "string"
                  },
                  "uid": {
                    "description": "uid",
                    "type": "number"
                  },
                  "gid": {
                    "description": "gid",
                    "type": "number"
                  },
                  "sid": {
                    "description": "sid",
                    "type": "string"
                  },
                  "name": {
                    "description": "name",
                    "type": "string"
                  }
                }
              },
              "rights": {
                "description": "Rights granted or denied for this ACL entry",
                "type": "array",
                "items": {
                  "type": "string",
                  "enum": [
                    "READ",
                    "READ_EA",
                    "READ_ATTR",
                    "READ_ACL",
                    "WRITE_EA",
                    "WRITE_ATTR",
                    "WRITE_ACL",
                    "CHANGE_OWNER",
                    "WRITE_GROUP",
                    "DELETE",
                    "EXECUTE",
                    "MODIFY",
                    "EXTEND",
                    "ADD_FILE",
                    "ADD_SUBDIR",
                    "DELETE_CHILD",
                    "SYNCHRONIZE",
                    "ALL"
                  ],
                  "description": "Rights granted or denied for this ACL entry:\n * `ADD_FILE` - API_FILES_ACCESS_ADD_FILE,\n * `ADD_SUBDIR` - API_FILES_ACCESS_ADD_SUBDIR,\n * `ALL` - API_FILES_ACCESS_ALL,\n * `CHANGE_OWNER` - API_FILES_ACCESS_CHANGE_OWNER,\n * `DELETE` - API_FILES_ACCESS_DELETE,\n * `DELETE_CHILD` - API_FILES_ACCESS_DELETE_CHILD,\n * `EXECUTE` - API_FILES_ACCESS_EXECUTE,\n * `EXTEND` - API_FILES_ACCESS_EXTEND,\n * `MODIFY` - API_FILES_ACCESS_MODIFY,\n * `READ` - API_FILES_ACCESS_READ,\n * `READ_ACL` - API_FILES_ACCESS_READ_ACL,\n * `READ_ATTR` - API_FILES_ACCESS_READ_ATTR,\n * `READ_EA` - API_FILES_ACCESS_READ_EA,\n * `SYNCHRONIZE` - API_FILES_ACCESS_SYNCHRONIZE,\n * `WRITE_ACL` - API_FILES_ACCESS_WRITE_ACL,\n * `WRITE_ATTR` - API_FILES_ACCESS_WRITE_ATTR,\n * `WRITE_EA` - API_FILES_ACCESS_WRITE_EA,\n * `WRITE_GROUP` - API_FILES_ACCESS_WRITE_GROUP"
                }
              }
            }
          }
        }
      }
    }
  }
}