| Modifier and Type | Field and Description |
|---|---|
static PolicyResponse |
PolicyResponse.NOT_MUTABLE |
static PolicyResponse |
PolicyResponse.NOT_PERMITTED |
static PolicyResponse |
PolicyResponse.NOT_VISIBLE |
static PolicyResponse |
PolicyResponse.VALID |
| Modifier and Type | Method and Description |
|---|---|
PolicyResponse |
PolicyResponse.log() |
PolicyResponse |
PolicyResponse.trace() |
PolicyResponse |
PolicyEvaluator.validate(Map<Integer,Object> methodParams,
PolicyInformation policy,
ContextInfo contextInfo,
OperationType operationType)
Validate security context required to execute a method annotated with
Policy. |
default PolicyResponse |
PolicyUtils.validatePermissions(String[] permissions,
ContextInfo contextInfo)
Determine if the current security context (e.g.
|
PolicyResponse |
PolicyEvaluator.validateReadOutput(Object output,
PolicyInformation policy)
Validate the output of a read method for methods annotated with a Policy of the
IdentityType.OWNER type and a matching user of the owner type (see
TrackablePolicyUtils#isOwnerUser()). |
PolicyResponse |
PolicyResponse.with(String reason,
Map<String,Object> authenticationDetails,
ContextInfo contextInfo) |
PolicyResponse |
PolicyResponse.with(String reason,
Map<String,Object> authenticationDetails,
org.apache.commons.lang3.tuple.Pair<String,String>... keyValue) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
DefaultPolicyAspectProcessor.notify(PolicyResponse policyResponse)
Raise an exception for a failed
PolicyResponse |
| Modifier and Type | Method and Description |
|---|---|
protected PolicyResponse |
DefaultTrackablePolicyUtils.invalidPolicyResponse(PolicyResponse response,
String reason,
ContextInfo contextInfo) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.invalidPolicyResponse(PolicyResponse response,
String reason,
org.apache.commons.lang3.tuple.Pair<String,String>... details) |
PolicyResponse |
TrackableEntityPolicyEvaluator.validate(Map<Integer,Object> methodParams,
PolicyInformation policy,
ContextInfo contextInfo,
OperationType operationType) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateApplicationCatalogUpdate(@NonNull Trackable entity,
@NonNull Application application)
If a catalog discriminated entity, validate that the current user is capable of updating an
entity via the catalogs visible to the current application.
|
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateApplicationUpdate(@NonNull Trackable entity,
@NonNull Application application)
If an application discriminated entity, validate that the current user is capable of updating
an entity via the application requested in the context.
|
PolicyResponse |
TrackablePolicyUtils.validateContext(ContextInfo contextInfo)
Review the
ContextInfo parameter for valid tenant user membership and valid catalog
visibility based on the current Authentication and requested tenant information in
the contextInfo. |
PolicyResponse |
DefaultTrackablePolicyUtils.validateContext(ContextInfo contextInfo) |
PolicyResponse |
TrackablePolicyUtils.validateContext(ContextInfo contextInfo,
String[] requiredPermissionRoots,
PermissionMatchingStrategy permissionMatchingStrategy,
OperationType operationType)
Review the
ContextInfo parameter for valid tenant user membership and valid catalog
visibility based on the current Authentication and requested tenant information in
the contextInfo. |
PolicyResponse |
DefaultTrackablePolicyUtils.validateContext(ContextInfo contextInfo,
String[] requiredPermissionRoots,
PermissionMatchingStrategy permissionMatchingStrategy,
OperationType operationType) |
PolicyResponse |
TrackablePolicyUtils.validateDelete(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate that before deleting (if the catalog discrimination is in play) that the item's
catalog is both visible to the current application, and mutable.
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateDelete(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateEntityOperation(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateEntityUpdate(Trackable entity,
@NonNull ContextInfo contextInfo)
Check update validity for a given entity instance
|
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateEntityUpdateForTenantFactors(Trackable entity,
Application application,
String tenantId,
TrackableBehaviorPackage behavior) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateGlobalMutateToInheritedCatalog(Trackable entity,
ContextInfo contextInfo) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateGlobalUpdateToHiddenCatalog(Trackable entity) |
PolicyResponse |
TrackablePolicyUtils.validateInsert(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate that before inserting (if catalog discrimination is in play and the current entity
is catalog discriminatable) that the current catalog target for insertion is mutable.
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateInsert(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateOperation(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateOperation(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType) |
PolicyResponse |
TrackablePolicyUtils.validateOther(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate that before misc operation, the required permission is available
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateOther(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
PolicyResponse |
TrackablePolicyUtils.validateOwner(Object test,
IdentityType[] identityTypes,
String ownerIdentifier)
Validate the object against the currently logged in user.
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateOwner(Object test,
IdentityType[] identityTypes,
String ownerIdentifier) |
PolicyResponse |
TrackablePolicyUtils.validatePermission(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate the permission against the granted authorities of the current
Authentication. |
PolicyResponse |
DefaultTrackablePolicyUtils.validatePermission(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
PolicyResponse |
TrackablePolicyUtils.validatePermission(String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType,
ContextInfo contextInfo)
Validate the permission against the granted authorities of the current
Authentication. |
PolicyResponse |
DefaultTrackablePolicyUtils.validatePermission(String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType,
ContextInfo contextInfo) |
PolicyResponse |
TrackablePolicyUtils.validateRead(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate that before reading, the required permission is available.
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateRead(ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
PolicyResponse |
TrackableEntityPolicyEvaluator.validateReadOutput(Object output,
PolicyInformation policy) |
protected PolicyResponse |
TrackableEntityPolicyEvaluator.validateRequestedOperation(Map<Integer,Object> methodParams,
PolicyInformation policy,
ContextInfo contextInfo,
OperationType operationType,
TrackablePolicyUtils trackablePolicyUtils) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.validateTenantUpdate(@NonNull Trackable entity,
String tenantId) |
PolicyResponse |
TrackablePolicyUtils.validateUpdate(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Validate that before updating (if the catalog discrimination is in play) that the item's
catalog is both visible to the current application, and mutable.
|
PolicyResponse |
DefaultTrackablePolicyUtils.validateUpdate(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy) |
| Modifier and Type | Method and Description |
|---|---|
protected PolicyResponse |
DefaultTrackablePolicyUtils.invalidPolicyResponse(PolicyResponse response,
String reason,
ContextInfo contextInfo) |
protected PolicyResponse |
DefaultTrackablePolicyUtils.invalidPolicyResponse(PolicyResponse response,
String reason,
org.apache.commons.lang3.tuple.Pair<String,String>... details) |
| Modifier and Type | Method and Description |
|---|---|
PolicyResponse |
VendorAwareTrackablePolicyUtils.validateContext(ContextInfo contextInfo) |
PolicyResponse |
VendorAwareTrackablePolicyUtils.validateContext(ContextInfo contextInfo,
String[] requiredPermissionRoots,
PermissionMatchingStrategy permissionMatchingStrategy,
OperationType operationType)
Performs similar validation to
DefaultTrackablePolicyUtils.validateContext(ContextInfo, String[], PermissionMatchingStrategy, OperationType),
but also considers whether the catalog in the contextInfo is visible by the current
authentication's vendor restrictions. |
protected PolicyResponse |
VendorAwareTrackablePolicyUtils.validateEntityMutableByCurrentVendorRestrictions(Trackable entity,
ContextInfo contextInfo,
String[] requiredPermissionRoots,
PermissionMatchingStrategy permissionMatchingStrategy,
OperationType operationType)
Checks whether the given
entity being mutated is actually mutable given the current
authentication's vendor privileges and provided policy requirements. |
protected PolicyResponse |
VendorAwareTrackablePolicyUtils.validateEntityOperation(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType)
This is the method used by
DefaultTrackablePolicyUtils.validateUpdate(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
and
DefaultTrackablePolicyUtils.validateDelete(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
to validate an entity can be updated/deleted by the current authentication, so it is
overridden here to add consideration for vendor restrictions. |
PolicyResponse |
VendorAwareTrackablePolicyUtils.validateInsert(Trackable entity,
ContextInfo contextInfo,
String[] permissionRoots,
PermissionMatchingStrategy strategy)
Overrides
DefaultTrackablePolicyUtils.validateInsert(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
to add behavior that checks whether the entity can be inserted by the current
authentication's vendor restrictions. |
PolicyResponse |
VendorAwareTrackablePolicyUtils.validatePermission(String[] permissionRoots,
PermissionMatchingStrategy strategy,
OperationType operationType,
ContextInfo contextInfo)
Overrides
DefaultTrackablePolicyUtils.validatePermission(String[], PermissionMatchingStrategy, OperationType, ContextInfo)
to give special consideration to vendor restrictions and vendor-restricted authorities. |
PolicyResponse |
VendorAwareTrackablePolicyUtils.validatePermissions(String[] permissions,
ContextInfo contextInfo)
Overridden from
PolicyUtils.validatePermissions(String[], ContextInfo) to give
special consideration to vendor restrictions and vendor-restricted authorities. |
Copyright © 2021. All rights reserved.