io.inversion.action.security

Class AclAction

java.lang.Object

io.inversion.Rule<A>

io.inversion.Action<AclAction>

io.inversion.action.security.AclAction

All Implemented Interfaces:

java.lang.Comparable<AclAction>

public class AclAction
extends Action<AclAction>

The AclAction secures an API by making sure that a requests matches one or more declared AclRules

AclRules specify the roles and permissions that a user must have to access specific method/path combinations and can also specify input/output parameters that are either required or restricted

Nested Class Summary

Nested classes/interfaces inherited from class io.inversion.Rule

Rule.RuleMatcher

Field Summary

Fields

Modifier and Type	Field and Description
protected java.util.List<AclRule>	aclRules

Fields inherited from class io.inversion.Rule

configMap, configStr, excludeMatchers, excludeOn, includeMatchers, includeOn, log, name, order

Constructor Summary

Constructors

Constructor and Description
AclAction()

Method Summary

Modifier and Type	Method and Description
AclAction	orRequireAllPerms(java.lang.String httpMethods, java.lang.String includePaths, java.lang.String permission1, java.lang.String... permissionsN)
AclAction	orRequireAllRoles(java.lang.String httpMethods, java.lang.String includePaths, java.lang.String role1, java.lang.String... rolesN)
AclAction	orRequireOnePerm(java.lang.String httpMethods, java.lang.String includePaths, java.lang.String permission1, java.lang.String... permissionsN)
AclAction	orRequireOneRole(java.lang.String httpMethods, java.lang.String includePaths, java.lang.String role1, java.lang.String... rolesN)
void	run(Request req, Response resp) Override this method with your custom business logic or override one of the http method "doMETHOD" specific handlers.
AclAction	withAclRules(AclRule... acls)

Methods inherited from class io.inversion.Action

doDelete, doGet, doPatch, doPost, doPut, run0

Methods inherited from class io.inversion.Rule

checkLazyConfig, compareTo, doLazyConfig, getAllExcludePaths, getAllIncludePaths, getConfig, getConfig, getConfigKeys, getDefaultIncludeMatch, getExcludeMatchers, getIncludeMatchers, getName, getOrder, match, matches, matches, toString, withConfig, withExcludeOn, withExcludeOn, withExcludeOn, withIncludeOn, withIncludeOn, withIncludeOn, withName, withOrder

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

aclRules

protected final java.util.List<AclRule> aclRules

Constructor Detail

AclAction

public AclAction()

Method Detail

orRequireAllPerms

public AclAction orRequireAllPerms(java.lang.String httpMethods,
                                   java.lang.String includePaths,
                                   java.lang.String permission1,
                                   java.lang.String... permissionsN)

orRequireOnePerm

public AclAction orRequireOnePerm(java.lang.String httpMethods,
                                  java.lang.String includePaths,
                                  java.lang.String permission1,
                                  java.lang.String... permissionsN)

orRequireAllRoles

public AclAction orRequireAllRoles(java.lang.String httpMethods,
                                   java.lang.String includePaths,
                                   java.lang.String role1,
                                   java.lang.String... rolesN)

orRequireOneRole

public AclAction orRequireOneRole(java.lang.String httpMethods,
                                  java.lang.String includePaths,
                                  java.lang.String role1,
                                  java.lang.String... rolesN)

withAclRules

public AclAction withAclRules(AclRule... acls)

run

public void run(Request req,
                Response resp)
         throws ApiException

Description copied from class: Action

Override this method with your custom business logic or override one of the http method "doMETHOD" specific handlers.

Overrides:

run in class Action<AclAction>

Parameters:

req - the Request being serviced

resp - the Reponse being generated

Throws:

ApiException