The
acl argument must be placed at the first position of the argument list in the URI.
N/A
String
Yes
Request body parameters
Parameter Name
Description
Default
Type
Required
owner
Specifies the JSON object for the owner persona. You should only specify the owner persona if you want to change the owner of the target.
N/A
JSON object
No
group
Specifies the JSON object for the group persona of the owner. You should only specify the group persona if you want to change the group of the target.
N/A
JSON object
No
authoritative
The authoritative field is mandatory and can take the value of either
acl or
mode.
acl: You can modify the owner, group personas, or access rights for the directory by setting the authoritative field to
acl and by setting
<action_value>
to
update. When the authoritative field is set to
acl, access rights are set for the directory from the
acl structure. Any value specified for the
mode parameter is ignored.
NOTE: When the authoritative field is set to
acl, the default value for the
<action_value>
field is
replace. If the
<action_value>
field is set to
replace, the system replaces the existing access rights of the directory with the access rights specified in the
acl structure. If the
acl structure is empty, the existing access rights are deleted and default access rights are provided by the system. The default access rights for directories are read access control list (‘std_read_dac’) and write access control list (‘std_write_dac’) for the owner.
mode: You can modify the owner and group personas by setting the authoritative field to
mode. When the authoritative field is set to
mode, POSIX permissions are set on the directory. The
<action_value>
field and
acl structure are ignored. If
mode is set on a directory that already has access rights or if access rights are set on a directory that already has POSIX permissions set, the result of the operation varies based on the Global ACL Policy.
N/A
String
Yes
mode
Specifies the POSIX mode.
0700 for directories
0600 for files
Octal number, specified as a string
No
action
The
<action_value>
field is applied when the authoritative field is set to
acl. You can set the
<action_value> field to either
update or
replace.
When set to
update, the existing access control list of the directory is modified with the access control entries specified in the
acl structure of the JSON body.
When set to
replace, the entire access control list is deleted and replaced with the access control entries specified in the
acl structure of the JSON body.
Additionally, when set to
replace, the
acl structure is optional. If the
acl structure is left empty, the entire access control list is deleted and replaced with the system set default access rights. The default access rights for directories are read access control list (‘ std_read_dac’) and write access control list (‘ std_write_dac’) for the owner.
replace
String
No
acl
Specifies the JSON array of access rights.
N/A
JSON object
Conditional.
Mandatory when the
<action_value>
field is set to
update; optional when the
<action_value>
is set to
replace
accesstype
Can be set to
allow or
deny.
allow: Allows access to the directory based on the access rights set for the trustee.
deny: Denies access to the directory based on the access rights set for the trustee.
N/A
String
Yes, unless the
<action_value> field is set to
replace and the
acl structure is empty.
accessrights
Specifies the access right values defined for the directory.
N/A
List of string values
Conditional
Mandatory when the
<action_value>
field is set to
update and the
<operation_value> field is set to either
add or
replace and the
<inherit_ flags_list> field is unspecified.
Optional when the
<action_value>
is set to
update and the
<operation_value> field is set to
delete, or when the
<action_value>
field is set to
replace.
inherit_flags
Specifies the inherit flag values for directories.
N/A
List of string values
Conditional
op
The
<operation_value> field is applied when the
<action_value>
field is set to
update. You can set the
<operation_value> field to
add,
replace, or
delete. If no
<operation_value> field is specified, the default value is
add.
add: Creates an access control entry (ACE) if an ACE is not already present for a trustee and trustee access type. If an entry is already present for that trustee and trustee access type, this operation appends the access rights list to the current ACE for that trustee and trustee access type.
delete: Removes the access rights list provided from the existing ACE for a trustee and trustee access type. If the input access rights list is empty , the entire ACE that corresponds to the trustee and trustee access type is deleted.
replace: Replaces the entire ACE for the trustee and trustee access type with the input access rights list.
HTTP/1.1 200 OK
Date: Tue, 22 May 2012 12:00:00 GMT
Content-Length: <length>
Connection: close
Server: Apache2/2.2.19
Example request 2
This sample replaces the existing ACL of the directory with the access control entries that are specified in the
acl structure. If the
acl structure is empty, the existing ACL is replaced with default system values. The directory owner has default read and write access to the access control list.