The body of an ACL has the XML elements shown below. The elements at each hierarchical level can occur in any order.
<?xml version="1.0" ?>
<accessControlList>
<grant>
<grantee>
<type>(user|group)</type>
<name>(hcp-username|
active-directory-username|
active-directory-group-name|
all_users|
authenticated)
</name>
If the name element specifies an Active Directory
user or
group, include the domain entry
<domain>active-directory-domain</domain>
</grantee>
<permissions>
Any combination of the following
<permission>READ</permission>
<permission>READ_ACL</permission>
<permission>WRITE</permission>
<permission>WRITE_ACL</permission>
<permission>DELETE</permission>
</permissions>
</grant>
Up to 999 additional grant elements
</accessControlList>
Here is an example of an ACL that grants read and write permission to all users and grants read, write, and delete permission to the tenant-level HCP user with the username lgreen:
<?xml version="1.0" ?>
<accessControlList>
<grant>
<grantee>
<name>all_users</name>
<type>group</type>
</grantee>
<permissions>
<permission>READ</permission>
<permission>WRITE</permission>
</permissions>
</grant>
<grant>
<grantee>
<name>lgreen</name>
<type>user</type>
</grantee>
<permissions>
<permission>READ</permission>
<permission>WRITE</permission>
<permission>DELETE</permission>
</permissions>
</grant>
</accessControlList>
© 2016 Hitachi Data Systems Corporation. All rights reserved.