Filesystem ACL Extraction
An ACL is a network access control list (ACL) which is made up of rules that either allow access to a computer environment or deny it. In a way, an ACL is like a guest list at an exclusive club. Only those on the list are allowed in the doors. This task will extract ACLs from the Windows or Linux filesystem document and add them to the repository document.
Configuration
To use this task go to the task tab in your job. Select the task from the drop down and click the plus circle to configure the task. Click done after making any changes to save.
Condition check
It will execute the task when the condition's result is 'true', 't', 'on', '1', or 'yes' (case-insensitive), or run on all conditions if left empty. This condition is evaluated for each document, determining whether the task should be executed based on the specified values.
Example: If I only want to run this task for PDF documents I would use the expression: equals('#{rd.mimetype}',"application/pdf")
File System Operating System
The operating system that these files are being read from.
Append _DENY to Deny ACL Type permissions
Appends _DENY to the end of an extracted permission if it's of the type DENY, in case you want to track this later on.
This task will have some different behaviour depending on your operating system. In a POSIX environment (macOS or Linux) permissions may be added as the field document.permissions with the permissions in a semicolon(;) delimited list, if any exist.
If the filesystem supplies an owner, it will be added as simflofy.owner
Additionally, simflofy will create a permission map of the principals and their permissions. It will set is as the originalPermissions field, so
Map<String, Set<String>> permissions = new Map<>();
//process acls
rd.setOriginalPermissions(permissions);
Finally, if any User Defined File Attributes (extended attributes), they will be added as a semicolon delimited list in the field
simflofy.userattributes
Examples
The following example will extract the access control list from files in the windows operating system and create the permissions map field originalPermissions.
API Keys
Processor: fileSystemACLExtractionTask
|
Key |
Display Name |
Type |
|---|---|---|
| use_condition | Check a condition before executing this task. | Boolean |
|
task_condition |
Condition |
String |
|
task_stop_proc |
Stop Processing |
Boolean |
|
fsacl_os |
File System Operating System |
String |
|
fsacl_ad |
Append _DENY to Deny ACL Type Permissions? |
Boolean |