Package io.continual.iam.access

Class AccessControlEntry

java.lang.Object

io.continual.iam.access.AccessControlEntry

public class AccessControlEntry
extends Object

An access control entry, which has an identity, a permit/deny access flag, and a set of operation labels that are specific to the service that owns the ACL.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AccessControlEntry.Access	ACL entry permission; permit or deny
static class	AccessControlEntry.Builder

Field Summary

Fields

Modifier and Type	Field	Description
static String	kAnyOperation	Special setting "any operation"
static String	kAnyUser	Special user setting "any user"
static String	kOwner	Special user setting "owner"

Constructor Summary

Constructors

Constructor	Description
AccessControlEntry(AccessControlEntry that)
AccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, String operation)
AccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, String[] operations)
AccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, Collection<String> a)

Method Summary

Modifier and Type	Method	Description
static AccessControlEntry.Builder	builder()	Create a builder for an ACL entry
AccessControlEntry.Access	check(String userId, Set<String> groups, boolean isOwner, String op)	Get an access permission for a given user ID or group set on a given operation.
AccessControlEntry	clone()
static AccessControlEntry	deserialize(org.json.JSONObject o)	Deserialize a JSON object created by serialize()
int	getOperationCount()	Get the number of operations in this ACL entry
String[]	getOperations()	Get the operation set in this ACL entry
Set<String>	getOperationSet()	Get the operation set in this ACL entry
AccessControlEntry.Access	getPermission()	Get the permission for this ACL entry
String	getSubject()	Get the subject of this ACL entry
boolean	removeOperation(String op)	Remove the operation.
org.json.JSONObject	serialize()	Serialize this ACL entry to a JSON object
String	toString()

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

kAnyUser

public static final String kAnyUser

Special user setting "any user"

See Also:

Constant Field Values

kAnyOperation

public static final String kAnyOperation

Special setting "any operation"

See Also:

Constant Field Values

kOwner

public static final String kOwner

Special user setting "owner"

See Also:

Constant Field Values

Constructor Detail

AccessControlEntry

public AccessControlEntry(AccessControlEntry that)

AccessControlEntry

public AccessControlEntry(String userOrGroupId,
                          AccessControlEntry.Access p,
                          String operation)

AccessControlEntry

public AccessControlEntry(String userOrGroupId,
                          AccessControlEntry.Access p,
                          String[] operations)

AccessControlEntry

public AccessControlEntry(String userOrGroupId,
                          AccessControlEntry.Access p,
                          Collection<String> a)

Method Detail

builder

public static AccessControlEntry.Builder builder()

Create a builder for an ACL entry

Returns:

a new builder

clone

public AccessControlEntry clone()

Overrides:

clone in class Object

check

public AccessControlEntry.Access check(String userId,
                                       Set<String> groups,
                                       boolean isOwner,
                                       String op)

Get an access permission for a given user ID or group set on a given operation. If the entry doesn't match the user/groups, then null is returned.

Parameters:

userId - a user ID

groups - a group set, presumably associated with the user

isOwner - true if the user Id is the ACL owner (which is not visible to entries)

op - the operation, which is checked as a case-insensitive string

Returns:

an access permission or null if no match

getSubject

public String getSubject()

Get the subject of this ACL entry

Returns:

the subject

getPermission

public AccessControlEntry.Access getPermission()

Get the permission for this ACL entry

Returns:

PERMIT or DENY

getOperationSet

public Set<String> getOperationSet()

Get the operation set in this ACL entry

Returns:

a set of operations

getOperations

public String[] getOperations()

Get the operation set in this ACL entry

Returns:

an array of operations

getOperationCount

public int getOperationCount()

Get the number of operations in this ACL entry

Returns:

the count of operations

removeOperation

public boolean removeOperation(String op)

Remove the operation.

Parameters:

op - the operation to remove

Returns:

true if there was a change

toString

public String toString()

Overrides:

toString in class Object

serialize

public org.json.JSONObject serialize()

Serialize this ACL entry to a JSON object

Returns:

a json object

deserialize

public static AccessControlEntry deserialize(org.json.JSONObject o)

Deserialize a JSON object created by serialize()

Parameters:

o - a JSON object

Returns:

an ACL entry