All Known Subinterfaces:

AccessManager<G>, IamDb<I,G>

All Known Implementing Classes:

CommonJsonDb, JsonDocDb
```
public interface AccessDb<G extends Group>
```
A database view for access queries.

Field Summary

Fields
Modifier and Type Field Description

static String kCreateOperation

static String kDeleteOperation

static String kReadOperation

static String kWriteOperation

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`boolean`	`canUser(String id, Resource resource, String operation)`	Can the given user perform the requested access?
`AccessControlList`	`getAclFor(Resource resource)`	load an ACL for a resource
`G`	`loadGroup(String id)`	Get a group by its identifier.

- Field Detail
  - kCreateOperation
```
static final String kCreateOperation
```
    See Also:
    
    Constant Field Values
  - kReadOperation
```
static final String kReadOperation
```
    See Also:
    
    Constant Field Values
  - kWriteOperation
```
static final String kWriteOperation
```
    See Also:
    
    Constant Field Values
  - kDeleteOperation
```
static final String kDeleteOperation
```
    See Also:
    
    Constant Field Values
- Method Detail
  - loadGroup
```
G loadGroup(String id)
     throws IamSvcException
```
    Get a group by its identifier.
    
    Parameters:
    
    id - the group's ID
    
    Returns:
    
    a group, or null if it does not exist
    
    Throws:
    
    IamSvcException - if there's a problem in the IAM service
  - getAclFor
```
AccessControlList getAclFor(Resource resource)
                     throws IamSvcException
```
    load an ACL for a resource
    
    Parameters:
    
    resource - the resource for which you want the ACL
    
    Returns:
    
    an ACL, or null if there is none
    
    Throws:
    
    IamSvcException - if there's a problem in the IAM service
  - canUser
```
boolean canUser(String id,
                Resource resource,
                String operation)
         throws IamSvcException
```
    Can the given user perform the requested access?
    
    Parameters:
    
    id - the identity/subject making the request
    
    resource - the resource on which access is requested
    
    operation - the operation
    
    Returns:
    
    true if the user is allowed to perform the operation, false otherwise
    
    Throws:
    
    IamSvcException - if there's a problem in the IAM service

Modifier and Type	Field	Description
`static String`	`kCreateOperation`
`static String`	`kDeleteOperation`
`static String`	`kReadOperation`
`static String`	`kWriteOperation`

Interface AccessDb<G extends Group>

Field Summary

Method Summary

Field Detail

kCreateOperation

kReadOperation

kWriteOperation

kDeleteOperation

Method Detail

loadGroup

getAclFor

canUser