Package io.vertx.ext.auth.abac
Class Policy
- java.lang.Object
-
- io.vertx.ext.auth.abac.Policy
-
public class Policy extends Object
Simple definition of ABAC policies. A policy is a set of rules that are evaluated against a set of attributes. On successful evaluation the policy is considered to be satisfied and the listed authorizations are granted.
-
-
Constructor Summary
Constructors Constructor Description Policy()Policy(JsonObject json)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description PolicyaddAttribute(Attribute attribute)Add an attribute to the policy.PolicyaddAuthorization(Authorization authorization)Add an authorization to the policy.PolicyaddSubject(String subject)Add a subject to the current policy.Set<Attribute>getAttributes()Get the attributes of the policy.Set<Authorization>getAuthorizations()Get the authorizations of the policy.StringgetName()Get the name of the policySet<String>getSubjects()Get the subjects of the policy.PolicysetAttributes(Set<Attribute> attributes)Set the attributes of the policy.PolicysetAuthorizations(Set<Authorization> authorizations)Set the authorizations of the policy.PolicysetName(String name)Set the policy name.PolicysetSubjects(Set<String> subjects)Replaces all active subjects with the given set.JsonObjecttoJson()Encode this policy as a JSON document to facilitate storage and retrieval.StringtoString()
-
-
-
Constructor Detail
-
Policy
public Policy()
-
Policy
public Policy(JsonObject json)
-
-
Method Detail
-
getName
public String getName()
Get the name of the policy
-
setName
public Policy setName(String name)
Set the policy name. This is optional and has no effect on the policy evaluation.- Parameters:
name- the name.
-
getSubjects
public Set<String> getSubjects()
Get the subjects of the policy. This is an exact match on subject ids.
-
addSubject
public Policy addSubject(String subject)
Add a subject to the current policy.- Parameters:
subject- the subject id as in the return ofUser.subject()
-
setSubjects
public Policy setSubjects(Set<String> subjects)
Replaces all active subjects with the given set. Nosubjectsimplies that the policy applies to all users.
-
getAttributes
public Set<Attribute> getAttributes()
Get the attributes of the policy. Attributes are environmental values that are extracted from theUser. Attributes are used to filter the amount of policies to be evaluated. For example, if a policy has an attribute:{/principal/amr: {"in: ["pwd"]}}It will filter out any user that wasn't authenticated with a
username/password.
-
setAttributes
public Policy setAttributes(Set<Attribute> attributes)
Set the attributes of the policy. Attributes are environmental values that are extracted from theUser.
-
getAuthorizations
public Set<Authorization> getAuthorizations()
Get the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. If a user matches the policy (meaning the subjects and attributes match) then the authorizations applied to the user so they can be later evaluated.
-
setAuthorizations
public Policy setAuthorizations(Set<Authorization> authorizations)
Set the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. Composite authorizations (AndAuthorizationandOrAuthorization) are not allowed in a policy.
-
addAuthorization
public Policy addAuthorization(Authorization authorization)
Add an authorization to the policy. Composite authorizations (AndAuthorizationandOrAuthorization) are not allowed in a policy.
-
toJson
public JsonObject toJson()
Encode this policy as a JSON document to facilitate storage and retrieval.
-
-