Package io.vertx.ext.auth.abac

Class Policy

java.lang.Object

io.vertx.ext.auth.abac.Policy

public class Policy
extends Object

Simple definition of ABAC policies. A policy is a set of rules that are evaluated against a set of attributes. On successful evaluation the policy is considered to be satisfied and the listed authorizations are granted.

Constructor Summary

Constructors

Constructor	Description
Policy()
Policy(JsonObject json)

Method Summary

Modifier and Type	Method	Description
Policy	addAttribute(Attribute attribute)	Add an attribute to the policy.
Policy	addAuthorization(Authorization authorization)	Add an authorization to the policy.
Policy	addSubject(String subject)	Add a subject to the current policy.
Set<Attribute>	getAttributes()	Get the attributes of the policy.
Set<Authorization>	getAuthorizations()	Get the authorizations of the policy.
String	getName()	Get the name of the policy
Set<String>	getSubjects()	Get the subjects of the policy.
Policy	setAttributes(Set<Attribute> attributes)	Set the attributes of the policy.
Policy	setAuthorizations(Set<Authorization> authorizations)	Set the authorizations of the policy.
Policy	setName(String name)	Set the policy name.
Policy	setSubjects(Set<String> subjects)	Replaces all active subjects with the given set.
JsonObject	toJson()	Encode this policy as a JSON document to facilitate storage and retrieval.
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

Policy

public Policy()

Policy

public Policy(JsonObject json)

Method Detail

getName

public String getName()

Get the name of the policy

setName

public Policy setName(String name)

Set the policy name. This is optional and has no effect on the policy evaluation.

Parameters:

name - the name.

getSubjects

public Set<String> getSubjects()

Get the subjects of the policy. This is an exact match on subject ids.

addSubject

public Policy addSubject(String subject)

Add a subject to the current policy.

Parameters:

subject - the subject id as in the return of User.subject()

setSubjects

public Policy setSubjects(Set<String> subjects)

Replaces all active subjects with the given set. No subjects implies that the policy applies to all users.

getAttributes

public Set<Attribute> getAttributes()

Get the attributes of the policy. Attributes are environmental values that are extracted from the User. Attributes are used to filter the amount of policies to be evaluated. For example, if a policy has an attribute:

{/principal/amr: {"in: ["pwd"]}}

It will filter out any user that wasn't authenticated with a username/password.

setAttributes

public Policy setAttributes(Set<Attribute> attributes)

Set the attributes of the policy. Attributes are environmental values that are extracted from the User.

addAttribute

public Policy addAttribute(Attribute attribute)

Add an attribute to the policy.

getAuthorizations

public Set<Authorization> getAuthorizations()

Get the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. If a user matches the policy (meaning the subjects and attributes match) then the authorizations applied to the user so they can be later evaluated.

setAuthorizations

public Policy setAuthorizations(Set<Authorization> authorizations)

Set the authorizations of the policy. Authorizations are the actual permissions that are granted to the user. Composite authorizations (AndAuthorization and OrAuthorization) are not allowed in a policy.

addAuthorization

public Policy addAuthorization(Authorization authorization)

Add an authorization to the policy. Composite authorizations (AndAuthorization and OrAuthorization) are not allowed in a policy.

toJson

public JsonObject toJson()

Encode this policy as a JSON document to facilitate storage and retrieval.

toString

public String toString()

Overrides:

toString in class Object