// Copyright (c) 1999-2000 David Muse
// See the COPYING file for more information.

#ifndef PERMISSIONS_H
#define PERMISSIONS_H

// Permissions are access priveleges.  Files, directories, semaphores and
// shared memory segments all have permissions associated with them.
//
// There are 3 types of permissions: read, write and execute.
//
// These permissions can be granted to:
//      1. The user that owns the object.
//      2. Other users in the group of the user that owns the object.
//      3. All other users.
//
// The execute permission has 2 modifications which can be applied to it:
//      1. Set user id - the program will run as the user that owns
//                      it instead of as the user that ran it
//      1. Set group id - the program will run as the group that owns
//                      it instead of as the group of the user that ran it
//
// The "sticky bit" may also be set.  When set, the file is saved in the
// system's swap space. As a side-effect, it cannot be deleted by a user other
// than the one that created it.

#include <sys/types.h>

class permissions {
        public:
                static  int     setFilePermissions(char *filename,
                                                        mode_t perms);
                                // set the permissions on "filename" to "perms"
                static  int     setFilePermissions(int filehandle,
                                                        mode_t perms);
                                // set the permissions on the file associated
                                // with "filehandle" to "perms"

                static  mode_t  evalPermString(char *permstring);
                                // Return a permission defined in "permstring".
                                //
                                // "permstring" should be the same format as
                                // displayed by the "ls -l" command.
                                //
                                // The first 3 characters set permissions for 
                                // the owner.
                                // The next 3 characters set permissions for 
                                // the group.
                                // The next 3 characters set permissions for 
                                // all others.
                                //
                                // For example:
                                //      rwxr-xr-x : read/execute for everyone
                                //                      and write for the owner
                                //      rw-rw-r-- : read for everyone and
                                //                      write for the owner and
                                //                      owner's group
                                //      rw-r--r-- : read for everyone and
                                //                      write for the owner
                                //      rwsr-sr-x : read/execute for everyone,
                                //                      write for the owner and
                                //                      run as the user/group
                                //                      that owns the file
                                //      rw-rw-rwt : read/write for everyone,
                                //                      and save the file in
                                //                      swap space
                


                // The following methods can be or'ed together to define
                // a permission.  For example:
                //
                // mode_t perm=(ownerReadWriteExecute() | 
                //                      groupReadExecute() | 
                //                      othersReadExecute())
                // 
                // sets perm equal to rwxr-xr-x permissions 

                static  mode_t  everyoneReadWrite();
                                // returns rw-rw-rw- (666) permissions
                static  mode_t  everyoneReadWriteExecute();
                                // returns rwxrwxrwx (777) permissions
                static  mode_t  ownerRead();
                                // returns r-------- (400) permissions
                static  mode_t  ownerWrite();
                                // returns -w------- (200) permissions
                static  mode_t  ownerExecute();
                                // returns --x------ (100) permissions
                static  mode_t  ownerReadWrite();
                                // returns rw------- (600) permissions
                static  mode_t  ownerReadExecute();
                                // returns r-x------ (500) permissions
                static  mode_t  ownerReadWriteExecute();
                                // returns rwx------ (700) permissions
                static  mode_t  groupRead();
                                // returns ---r----- (040) permissions
                static  mode_t  groupWrite();
                                // returns ----w---- (020) permissions
                static  mode_t  groupExecute();
                                // returns -----x--- (010) permissions
                static  mode_t  groupReadWrite();
                                // returns ---rw---- (060) permissions
                static  mode_t  groupReadExecute();
                                // returns ---r-x--- (050) permissions
                static  mode_t  groupReadWriteExecute();
                                // returns ---rwx--- (070) permissions
                static  mode_t  othersRead();
                                // returns ------r-- (004) permissions
                static  mode_t  othersWrite();
                                // returns -------w- (002) permissions
                static  mode_t  othersExecute();
                                // returns --------x (001) permissions
                static  mode_t  othersReadWrite();
                                // returns ------rw- (006) permissions
                static  mode_t  othersReadExecute();
                                // returns ------r-x (005) permissions
                static  mode_t  othersReadWriteExecute();
                                // returns ------rwx (007) permissions
                static  mode_t  saveInSwapSpace();
                                // returns --------t permissions
                static  mode_t  setUserId();
                                // returns --s------ (u+s) permissions
                static  mode_t  setGroupId();
                                // returns -----s--- (g+s) permissions
};

#endif