All Known Subinterfaces:

TrackablePolicyUtils

All Known Implementing Classes:

DefaultTrackablePolicyUtils, VendorAwareTrackablePolicyUtils
```
public interface PolicyUtils
```
Utility class capable of performing validation of a requested operation based on permissions available to the current Authentication. This is generally subclassed to provide business rule verification on additional context information outside of Spring granted authorities alone.

Author:

Jeff Fischer

Field Summary

Fields
Modifier and Type	Field	Description
`static String`	`DEFAULT_AUTH_DETAILS_OWNER_ID`	Key used when determining if a user owns a particular entity.
`static org.slf4j.Logger`	`log`
`static String`	`ROLE_ANONYMOUS`

Method Summary

All Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method	Description
`default String`	`getAuthDetailsOwnerIdentifier()`
`default org.springframework.security.core.Authentication`	`getAuthentication()`	Retrieve the current Spring `Authentication` instance associated with the current flow, if any.
`Map<String,Object>`	`getAuthenticationAttributes()`	Retrieves the attributes on the current `Authentication` that are useful in making policy determinations.
`default PolicyResponse`	`validatePermissions(String[] permissions, ContextInfo contextInfo)`	Determine if the current security context (e.g.

- Field Detail
  - log
```
static final org.slf4j.Logger log
```
  - ROLE_ANONYMOUS
```
static final String ROLE_ANONYMOUS
```
    See Also:
    
    Constant Field Values
  - DEFAULT_AUTH_DETAILS_OWNER_ID
```
static final String DEFAULT_AUTH_DETAILS_OWNER_ID
```
    Key used when determining if a user owns a particular entity.
    
    See Also:
    
    Owned, Constant Field Values
- Method Detail
  - getAuthentication
```
default org.springframework.security.core.Authentication getAuthentication()
```
    Retrieve the current Spring Authentication instance associated with the current flow, if any.
    
    Returns:
    
    The current Spring Authentication instance associated with the current flow
  - getAuthenticationAttributes
```
Map<String,Object> getAuthenticationAttributes()
```
    Retrieves the attributes on the current Authentication that are useful in making policy determinations. This method is expected to return the attributes in a map which is generally achieved by a registered Converter bean.
    
    Returns:
    
    the attributes, if any, on the current Authentication
  - validatePermissions
```
default PolicyResponse validatePermissions(@Nullable
                                           String[] permissions,
                                           @Nullable
                                           ContextInfo contextInfo)
```
    Determine if the current security context (e.g. Authentication) is valid against the requested permission. If Spring Security is disabled (no Authentication available), the response will be PolicyResponse.VALID.
    
    Parameters:
    
    permissions - the permissions to check. A single permission in the current getAuthentication() must match to pass the policy
    
    contextInfo - the context containing multitenant application, tenant and catalog information. Not used in the default implementation, though custom implementations may use this for validation purposes.
    
    Returns:
    
    the result of the validation
  - getAuthDetailsOwnerIdentifier
```
default String getAuthDetailsOwnerIdentifier()
```

Interface PolicyUtils

Field Summary

Method Summary

Field Detail

log

ROLE_ANONYMOUS

DEFAULT_AUTH_DETAILS_OWNER_ID

Method Detail

getAuthentication

getAuthenticationAttributes

validatePermissions

getAuthDetailsOwnerIdentifier