Zu den Hauptinhalten
Abmelden

Willkommen bei Dell

Mein Konto
  • Bestellungen schnell und einfach aufgeben
  • Bestellungen anzeigen und den Versandstatus verfolgen
  • Profitieren Sie von exklusiven Prämien und Rabatten für Mitglieder
  • Erstellen Sie eine Liste Ihrer Produkte, auf die Sie jederzeit zugreifen können.
  • Verwalten Sie mit der Unternehmensverwaltung Ihre Dell EMC Seiten, Produkte und produktspezifischen Kontakte.
Anmelden Konto erstellen Premier-Anmeldung Anmeldung beim Partnerprogramm
Kontakt

Ihr Warenkorb bei Dell.com

PowerScale OneFS API Reference

PDF

Set the ACL of a file

Sets the access control list of a file.

Request syntax

PUT /namespace/<access_point>/<container_path>/<file_name>?acl HTTP/1.1
Host: <hostname>[:<port>]
Content-Length: <length>
Date: <date>
Authorization: <signature>
x-isi-ifs-target-type: object
Content-Type: application/json

{
   "owner":{
      "id":"<owner id>",
      "name":"<owner name>",
      "type":"<type>"
   },
   "group":{
      "id":"<group id>",
      "name":"<group name>",
      "type":"<type>"
   },
   "authoritative":"acl"|"mode",
   "mode":"<POSIX mode>",
   "action":"<action_value>",
   "acl":[
      {
         "trustee":{
            "id":"<trustee id>",
            "name":"<trustee name>",
            "type":"<trustee type>"
         },
         "accesstype":"allow"|"deny",
         "accessrights":"<accessrights_list>",
         "op":"<operation_value>"
      }
   ]
}

Request query parameters

Parameter Name Description Default Type Required
acl The acl argument must be placed at the first position of the argument list in the URI. N/A String Yes

Request body parameters

Parameter Name Description Default Type Required
owner Specifies the JSON object for the owner persona. You should only specify the owner or group persona if you want to change the owner or group of the target. N/A JSON object No
group Specifies the JSON object for the group persona of the owner. You should only specify the owner or group persona if you want to change the owner or group of the target. N/A JSON object No
authoritative The authoritative field is mandatory and can take the value of either acl or mode.

acl: You can modify the owner, group personas, or access rights for the file by setting the authoritative field to acl and by setting <action_value> to update. When the authoritative field is set to acl, access rights are set for the file from the acl structure. Any value that is specified for the mode parameter is ignored.

NOTE:

When the authoritative field is set to acl, the default value for the <action_value> field is replace. If the <action_value> field is set to replace, the system replaces the existing access rights of the file with the access rights that are specified in the acl structure. If the acl structure is empty, the existing access rights are deleted and default access rights are provided by the system. The default access rights for files are read access control list (‘std_read_dac’) and write access control list (‘std_write_dac’) for the owner.

mode: You can modify the owner and group personas by setting the authoritative field to mode. When the authoritative field is set to mode, POSIX permissions are set on the file. The <action_value> field and acl structure are ignored. If mode is set on a file that already has access rights or if access rights are set on a file that already has POSIX permissions set, the result of the operation varies based on the Global ACL Policy.

N/A String Yes
mode Specifies the POSIX mode. 0700 for directories

0600 for files

Octal number, which is specified as a string No
action The <action_value> field is applied when the authoritative field is set to acl. You can set the <action_value> field to either update or replace. The default value is replace.

When set to update, the existing access control list of the file is modified with the access control entries that are specified in the acl structure of the JSON body.

When set to replace, the entire access control list is deleted and replaced with the access control entries that are specified in the acl structure of the JSON body.

Also, when set to replace, the acl structure is optional. If the acl structure is left empty, the entire access control list is deleted and replaced with the system set default access rights. The default access rights for files are read access control list (‘ std_read_dac’) and write access control list (‘ std_write_dac’) for the owner.

replace String No
acl Specifies the JSON array of access rights. N/A JSON object Conditional

Mandatory when the <action_value> field is set to update and optional when the <action_value> field is set to replace.

accesstype Can be set to allow or deny.

allow: Allows access to the file based on the access rights set for the trustee.

deny: Denies access to the file based on the access rights set for the trustee.

N/A String Yes, unless the <action_value> field is set to replace and the acl structure is empty.
accessrights Specifies the access right values that are defined for the file. N/A List of string values Conditional

Mandatory when the <action_value> field is set to update and the <operation_value>field is set to either add or replace, and when the <inherit_flags_list> field is unspecified.

Optional when the <action_value> field is set to update and the <operation_value> is set to delete.

inherit_flags Specifies the inherit flag values for the file. N/A List of string values Conditional

Either the <accessrights_list> or <inherit_flags_list> must be specified when the <action_value> field is set to update and the <operation_value> field is set to add or replace.

op The <operation_value> field is applied when the <action_value> field is set to update. You can set the <operation_value> field to add, replace, or delete. If no <operation_value> field is specified, the default value is add.

add: Creates an access control entry (ACE) if an ACE is not already present for a trustee and trustee access type. If an entry is already present for that trustee and trustee access type, this operation appends the access rights list to the current ACE for that trustee and trustee access type.

delete: Removes the access rights list provided from the existing ACE for a trustee and trustee access type. If the input access rights list is empty , the entire ACE that corresponds to the trustee and trustee access type is deleted.

replace: Replaces the entire ACE for the trustee and trustee access type with the input access rights list.

add, when the <action_value> field is set to update String No

Request headers

This call sends common request headers.

Response headers

This call returns common response headers.

Response body

No message body is returned upon success.

Example request

This sample sets the ACL of a file named 'file1'. 

PUT /namespace/ifs/dir1/dir2/ns/file1?acl HTTP/1.1
Host: my_cluster:8080
Content-Length: <length>
Date: Tue, 22 May 2012 12:00:00 GMT
Authorization: <signature>
Content-Type: application/json

{
   "owner":{
      "id":"UID:0",
      "name":"root",
      "type":"user"
   },
   "group":{
      "id":"GID:0",
      "name”:"wheel",
      "type":"group"
   },
   "authoritative":"acl",
   "action":"update",
   "acl": [
   {
         "trustee":{
            "id":"UID:0",
            "name":"root",
            "type":"user"
         },
         "accesstype":"allow",
         "accessrights":[
            "file_read",
            "file_write"
         ],
         "op":"add"
      },
      {
         "trustee":{
            "id":"GID:1201",
            "name":"group12",
            "type":"group"
         },
         "accesstype":"allow",
         "accessrights":"std_write_dac"
      ],
      "op":"replace"
   }
]
}

Example response

HTTP/1.1 200 OK
Date: Tue, 22 May 2012 12:00:00 GMT
Content-Length: <length>
Connection: close
Server: Apache2/2.2.19

Diesen Inhalt bewerten

Präzise
Nützlich
Leicht verständlich
War dieser Artikel hilfreich?
0/3000 characters
  Bitte geben Sie eine Bewertung ab (1 bis 5 Sterne).
  Bitte geben Sie eine Bewertung ab (1 bis 5 Sterne).
  Bitte geben Sie eine Bewertung ab (1 bis 5 Sterne).
  Bitte geben Sie an, ob der Artikel hilfreich war.
  Die folgenden Sonderzeichen dürfen in Kommentaren nicht verwendet werden: <>()\