Package io.continual.iam.access
Class AccessControlEntry
java.lang.Object
io.continual.iam.access.AccessControlEntry
An access control entry, which has an identity, a permit/deny access
flag, and a set of operation labels that are specific to the service
that owns the ACL.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic enumACL entry permission; permit or denystatic class -
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionAccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, String operation) AccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, String[] operations) AccessControlEntry(String userOrGroupId, AccessControlEntry.Access p, Collection<String> a) -
Method Summary
Modifier and TypeMethodDescriptionstatic AccessControlEntry.Builderbuilder()Create a builder for an ACL entryGet an access permission for a given user ID or group set on a given operation.clone()static AccessControlEntrydeserialize(org.json.JSONObject o) Deserialize a JSON object created by serialize()intGet the number of operations in this ACL entryString[]Get the operation set in this ACL entryGet the operation set in this ACL entryGet the permission for this ACL entryGet the subject of this ACL entrybooleanRemove the operation.org.json.JSONObjectSerialize this ACL entry to a JSON objecttoString()
-
Field Details
-
kAnyUser
Special user setting "any user"- See Also:
-
kAnyOperation
Special setting "any operation"- See Also:
-
kOwner
Special user setting "owner"- See Also:
-
-
Constructor Details
-
AccessControlEntry
-
AccessControlEntry
-
AccessControlEntry
-
AccessControlEntry
-
-
Method Details
-
builder
Create a builder for an ACL entry- Returns:
- a new builder
-
clone
-
check
public AccessControlEntry.Access check(String userId, Set<String> groups, boolean isOwner, String op) Get an access permission for a given user ID or group set on a given operation. If the entry doesn't match the user/groups, then null is returned.- Parameters:
userId- a user IDgroups- a group set, presumably associated with the userisOwner- true if the user Id is the ACL owner (which is not visible to entries)op- the operation, which is checked as a case-insensitive string- Returns:
- an access permission or null if no match
-
getSubject
Get the subject of this ACL entry- Returns:
- the subject
-
getPermission
Get the permission for this ACL entry- Returns:
- PERMIT or DENY
-
getOperationSet
Get the operation set in this ACL entry- Returns:
- a set of operations
-
getOperations
Get the operation set in this ACL entry- Returns:
- an array of operations
-
getOperationCount
public int getOperationCount()Get the number of operations in this ACL entry- Returns:
- the count of operations
-
removeOperation
Remove the operation.- Parameters:
op- the operation to remove- Returns:
- true if there was a change
-
toString
-
serialize
public org.json.JSONObject serialize()Serialize this ACL entry to a JSON object- Returns:
- a json object
-
deserialize
Deserialize a JSON object created by serialize()- Parameters:
o- a JSON object- Returns:
- an ACL entry
-