Class CatalogAccessPolicyProperties
java.lang.Object
com.broadleafcommerce.catalog.service.context.CatalogAccessPolicyProperties
@ConfigurationProperties("broadleaf.catalog.catalog-access-policy")
public class CatalogAccessPolicyProperties
extends Object
Properties related to
CatalogAccessPolicy
- Author:
- Susana Cruz (susanaccruz)
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
boolean
Represents a list of additional auth token claims to add as attributes to theCatalogAccessPolicyContext
for rules to be evaluated against.Represents the list of attribute from aWebRequest
to store onCatalogAccessPolicyContext
.The names of external microservices that are expected to call Catalog Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.int
hashCode()
void
setAdditionalClaims
(List<String> additionalClaims) Represents a list of additional auth token claims to add as attributes to theCatalogAccessPolicyContext
for rules to be evaluated against.void
setRequestAttributeList
(List<String> requestAttributeList) Represents the list of attribute from aWebRequest
to store onCatalogAccessPolicyContext
.void
setWhitelistedServiceCallers
(Set<String> whitelistedServiceCallers) The names of external microservices that are expected to call Catalog Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.toString()
-
Constructor Details
-
CatalogAccessPolicyProperties
public CatalogAccessPolicyProperties()
-
-
Method Details
-
getRequestAttributeList
Represents the list of attribute from aWebRequest
to store onCatalogAccessPolicyContext
. This is used to whitelist request attributes used when evaluatingCatalogAccessPolicies
. The attribute name should be matched by a field name configured in metadata for theCatalogAccessPolicy.getMatchRule()
()} rule-builder. -
getAdditionalClaims
Represents a list of additional auth token claims to add as attributes to theCatalogAccessPolicyContext
for rules to be evaluated against. The claim name should be matched by a field name configured in metadata for theCatalogAccessPolicy.getMatchRule()
rule-builder. -
getWhitelistedServiceCallers
The names of external microservices that are expected to call Catalog Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.When another service calls Catalog, the original user's (e.g., admin user's) auth token is replaced by the calling service's, so any information about them must be provided in the request rather than in the auth.
-
setRequestAttributeList
Represents the list of attribute from aWebRequest
to store onCatalogAccessPolicyContext
. This is used to whitelist request attributes used when evaluatingCatalogAccessPolicies
. The attribute name should be matched by a field name configured in metadata for theCatalogAccessPolicy.getMatchRule()
()} rule-builder. -
setAdditionalClaims
Represents a list of additional auth token claims to add as attributes to theCatalogAccessPolicyContext
for rules to be evaluated against. The claim name should be matched by a field name configured in metadata for theCatalogAccessPolicy.getMatchRule()
rule-builder. -
setWhitelistedServiceCallers
The names of external microservices that are expected to call Catalog Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.When another service calls Catalog, the original user's (e.g., admin user's) auth token is replaced by the calling service's, so any information about them must be provided in the request rather than in the auth.
-
equals
-
canEqual
-
hashCode
public int hashCode() -
toString
-