Package com.broadleafcommerce.search.autoconfigure

Class SearchCatalogAccessPolicyProperties

java.lang.Object
com.broadleafcommerce.search.autoconfigure.SearchCatalogAccessPolicyProperties
@ConfigurationProperties("broadleaf.search.common.catalog-access-policy") public class SearchCatalogAccessPolicyProperties extends Object
Properties related to SearchCatalogAccessPolicy
Author:
Susana Cruz (susanaccruz)

  • Constructor Details

    • SearchCatalogAccessPolicyProperties

      public SearchCatalogAccessPolicyProperties()

  • Method Details

    • getRequestAttributeList

      public List<String> getRequestAttributeList()
      Represents the list of attribute from a WebRequest to store on SearchCatalogAccessPolicyContext. This is used to whitelist request attributes used when evaluating CatalogAccessPolicies. The attribute name should be matched by a field name configured in metadata for the SearchCatalogAccessPolicy.getMatchRule() ()} rule-builder.

    • getAdditionalClaims

      public List<String> getAdditionalClaims()
      Represents a list of additional auth token claims to add as attributes to the SearchCatalogAccessPolicyContext for rules to be evaluated against. The claim name should be matched by a field name configured in metadata for the SearchCatalogAccessPolicy.getMatchRule() rule-builder.

    • getWhitelistedServiceCallers

      public Set<String> getWhitelistedServiceCallers()
      The names of external microservices that are expected to call Search Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.

      When another service calls Search, the original user's (e.g., admin user's) auth token is replaced by the calling service's, so any information about them must be provided in the request rather than in the auth.

    • setRequestAttributeList

      public void setRequestAttributeList(List<String> requestAttributeList)
      Represents the list of attribute from a WebRequest to store on SearchCatalogAccessPolicyContext. This is used to whitelist request attributes used when evaluating CatalogAccessPolicies. The attribute name should be matched by a field name configured in metadata for the SearchCatalogAccessPolicy.getMatchRule() ()} rule-builder.

    • setAdditionalClaims

      public void setAdditionalClaims(List<String> additionalClaims)
      Represents a list of additional auth token claims to add as attributes to the SearchCatalogAccessPolicyContext for rules to be evaluated against. The claim name should be matched by a field name configured in metadata for the SearchCatalogAccessPolicy.getMatchRule() rule-builder.

    • setWhitelistedServiceCallers

      public void setWhitelistedServiceCallers(Set<String> whitelistedServiceCallers)
      The names of external microservices that are expected to call Search Service for admin or bulk processing requests and should be whitelisted so that they bypass Catalog Access Policy filtering.

      When another service calls Search, the original user's (e.g., admin user's) auth token is replaced by the calling service's, so any information about them must be provided in the request rather than in the auth.

    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object

    • canEqual

      protected boolean canEqual(Object other)

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object