Package org.wildfly.security.authz
Interface PermissionMapper
- All Known Implementing Classes:
SimplePermissionMapper
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
A permission mapper is responsible to enable permission mapping to a
SecurityDomain
in order to obtain and check permissions based on an previously authorized identity and any other authorization information (eg.: roles)
associated with it.- Author:
- Pedro Igor
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final PermissionMapperA default implementation that does nothing but returns an empty and read-onlyPermissionVerifier. -
Method Summary
Modifier and TypeMethodDescriptiondefault PermissionMapperand(PermissionMapper other) Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'and'.static PermissionMappercreateConstant(PermissionVerifier verifier) Returns a new mapper that maps all to pre-definedPermissionVerifierinstance.mapPermissions(PermissionMappable permissionMappable, Roles roles) Returns aPermissionVerifierwith all the permissions associated with the given information.default PermissionMapperor(PermissionMapper other) Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'or'.default PermissionMapperunless(PermissionMapper other) Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'unless'.default PermissionMapperxor(PermissionMapper other) Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'xor'.
-
Field Details
-
EMPTY_PERMISSION_MAPPER
A default implementation that does nothing but returns an empty and read-onlyPermissionVerifier.
-
-
Method Details
-
mapPermissions
Returns a
PermissionVerifierwith all the permissions associated with the given information.Once returned, client code can use the
PermissionVerifier.implies(Permission)to check if a given permission is granted or not to the given principal. Implementors must make sure that the returned collection is immutable.- Parameters:
permissionMappable- the object to which permissions can be mapped (must not benull)roles- a set of effective roles after all role mapping was applied by security domain (may benull)- Returns:
- a permission verifier (not
null)
-
and
Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'and'.- Parameters:
other- the otherPermissionMapperto combine with thisPermissionMapper- Returns:
- the combined
PermissionMapper
-
or
Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'or'.- Parameters:
other- the otherPermissionMapperto combine with thisPermissionMapper- Returns:
- the combined
PermissionMapper
-
xor
Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'xor'.- Parameters:
other- the otherPermissionMapperto combine with thisPermissionMapper- Returns:
- the combined
PermissionMapper
-
unless
Returns a new mapper where thePermissionVerifiercreated by thisPermissionMapperis combined with thePermissionVerifierof theotherPermissionMapperusing 'unless'.- Parameters:
other- the otherPermissionMapperto combine with thisPermissionMapper- Returns:
- the combined
PermissionMapper
-
createConstant
Returns a new mapper that maps all to pre-definedPermissionVerifierinstance.- Parameters:
verifier- thePermissionVerifierthat will be returned for anybody.- Returns:
- the constant
PermissionVerifier
-