public class PrivilegeSummary extends Object
DefaultOAuth2UserDetailsService and PrivilegeService to
hold all the authorities, restrictions, and restricted authorities of a User.| Constructor and Description |
|---|
PrivilegeSummary(Set<String> allAuthorities,
Map<String,Set<String>> restrictions,
Map<String,Map<String,Set<String>>> restrictedAuthorities) |
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
canEqual(Object other) |
boolean |
equals(Object o) |
Set<String> |
getAllAuthorities()
All the authorities for the current authentication.
|
Map<String,Map<String,Set<String>>> |
getRestrictedAuthorities()
All of the restricted authorities for the current authentication.
|
Map<String,Set<String>> |
getRestrictions()
All of the
User.getRestrictions() for the current authentication. |
int |
hashCode() |
void |
setAllAuthorities(Set<String> allAuthorities)
All the authorities for the current authentication.
|
void |
setRestrictedAuthorities(Map<String,Map<String,Set<String>>> restrictedAuthorities)
All of the restricted authorities for the current authentication.
|
void |
setRestrictions(Map<String,Set<String>> restrictions)
All of the
User.getRestrictions() for the current authentication. |
String |
toString() |
public Set<String> getAllAuthorities()
user's flat permissions, flat roles and their ancestors, restricted roles and
their ancestors, and restricted permissions. This also includes authorities from
server's flat permissions, and flat roles and their ancestors.
Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.
public Map<String,Set<String>> getRestrictions()
User.getRestrictions() for the current authentication.
This is a map from restriction types to restriction targets.
An empty map indicates the user is unrestricted.
public Map<String,Map<String,Set<String>>> getRestrictedAuthorities()
This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.
This includes authorities from restricted permissions
and restricted roles and their ancestors.
Additionally, the User.getRestrictions() are combined with "flat permissions" sourced
from the following places to also form entries in this map:
User.getPermissions()User.getRoles() and their ancestorsAuthorizationServer.getDefaultUserPermissions()AuthorizationServer.getDefaultUserRoles() and their ancestorspublic void setAllAuthorities(Set<String> allAuthorities)
user's flat permissions, flat roles and their ancestors, restricted roles and
their ancestors, and restricted permissions. This also includes authorities from
server's flat permissions, and flat roles and their ancestors.
Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.
public void setRestrictions(Map<String,Set<String>> restrictions)
User.getRestrictions() for the current authentication.
This is a map from restriction types to restriction targets.
An empty map indicates the user is unrestricted.
public void setRestrictedAuthorities(Map<String,Map<String,Set<String>>> restrictedAuthorities)
This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.
This includes authorities from restricted permissions
and restricted roles and their ancestors.
Additionally, the User.getRestrictions() are combined with "flat permissions" sourced
from the following places to also form entries in this map:
User.getPermissions()User.getRoles() and their ancestorsAuthorizationServer.getDefaultUserPermissions()AuthorizationServer.getDefaultUserRoles() and their ancestorsprotected boolean canEqual(Object other)
Copyright © 2021. All rights reserved.