Class Policy

java.lang.Object
io.vertx.ext.auth.abac.Policy
public class Policy extends Object
Simple definition of ABAC policies. A policy is a set of rules that are evaluated against a set of attributes. On successful evaluation the policy is considered to be satisfied and the listed authorizations are granted.

  • Constructor Details

    • Policy

      public Policy()

    • Policy

      public Policy(JsonObject json)

  • Method Details

    • getName

      public String getName()
      Get the name of the policy

    • setName

      public Policy setName(String name)
      Set the policy name. This is optional and has no effect on the policy evaluation.
      Parameters:
      name - the name.

    • getSubjects

      public Set<String> getSubjects()
      Get the subjects of the policy. This is an exact match on subject ids.

    • addSubject

      public Policy addSubject(String subject)
      Add a subject to the current policy.
      Parameters:
      subject - the subject id as in the return of User.subject()

    • setSubjects

      public Policy setSubjects(Set<String> subjects)
      Replaces all active subjects with the given set. No subjects implies that the policy applies to all users.

    • getAttributes

      public Set<Attribute> getAttributes()
      Get the attributes of the policy. Attributes are environmental values that are extracted from the User. Attributes are used to filter the amount of policies to be evaluated. For example, if a policy has an attribute: 
      {/principal/amr: {"in: ["pwd"]}}

      It will filter out any user that wasn't authenticated with a username/password.

    • setAttributes

      public Policy setAttributes(Set<Attribute> attributes)
      Set the attributes of the policy. Attributes are environmental values that are extracted from the User.

    • addAttribute

      public Policy addAttribute(Attribute attribute)
      Add an attribute to the policy.

    • getAuthorizations

      public Set<Authorization> getAuthorizations()
      Get the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. If a user matches the policy (meaning the subjects and attributes match) then the authorizations applied to the user so they can be later evaluated.

    • setAuthorizations

      public Policy setAuthorizations(Set<Authorization> authorizations)
      Set the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. Composite authorizations (AndAuthorization and OrAuthorization) are not allowed in a policy.

    • addAuthorization

      public Policy addAuthorization(Authorization authorization)
      Add an authorization to the policy. Composite authorizations (AndAuthorization and OrAuthorization) are not allowed in a policy.

    • toJson

      public JsonObject toJson()
      Encode this policy as a JSON document to facilitate storage and retrieval.

    • toString

      public String toString()
      Overrides:
      toString in class Object