Package org.jboss.hal.meta.security
Class AuthorisationDecision
- java.lang.Object
-
- org.jboss.hal.meta.security.AuthorisationDecision
-
public class AuthorisationDecision extends Object
Class to decide whether a single or a set of constraints are allowed according to a given security context. The security context must be provided by aSecurityContextResolver.isAllowed()returnstrueif the security context was resolved and the constraint is valid.To hide or disable UI elements, use one of the following strategies:
- Eager filtering
- If the security context is available when the UI elements are created, filter the elements based on the
outcome of
isAllowed(). Add only allowed elements to the DOM. - Late hiding
- If the security context is not available when the UI elements are created, store the constraints as
data-constraintattributes. Later when you have access to the security context post-process the elements using one of theprocessElements()method fromElementGuard.
If WildFly uses
AccessControlProvider.SIMPLE,isAllowed()will always returntrue.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static AuthorisationDecisionfrom(Environment environment, SecurityContext securityContext)static AuthorisationDecisionfrom(Environment environment, SecurityContextRegistry securityContextRegistry)static AuthorisationDecisionfrom(Environment environment, SecurityContextResolver resolver)booleanisAllowed(Constraint constraint)booleanisAllowed(Constraints constraints)
-
-
-
Method Detail
-
from
public static AuthorisationDecision from(Environment environment, SecurityContextRegistry securityContextRegistry)
-
from
public static AuthorisationDecision from(Environment environment, SecurityContext securityContext)
-
from
public static AuthorisationDecision from(Environment environment, SecurityContextResolver resolver)
-
isAllowed
public boolean isAllowed(Constraints constraints)
-
isAllowed
public boolean isAllowed(Constraint constraint)
-
-