public abstract class DiscretionaryAccessController extends Object
| Constructor and Description |
|---|
DiscretionaryAccessController() |
| Modifier and Type | Method and Description |
|---|---|
abstract boolean |
addGroupsToResource(String resourceType,
String resourceName,
String action,
List<String> groups)
Allow given groups to access the given resource.
|
abstract void |
addResource(String resourceType,
String resourceName,
String owner)
Create auth resource.
|
boolean |
authorize(String resourceType,
String resource,
String action,
String userId,
Set<String> userGroups)
Authorize resource with given resource and action.
|
abstract boolean |
changeResourceOwner(String resourceType,
String resourceName,
String owner)
Create auth resource.
|
abstract boolean |
deleteResource(String resourceType,
String resourceName)
Delete auth resource.
|
abstract AuthResource |
getAuthResource(String resourceType,
String resourceName)
Get auth resource.
|
abstract void |
initialize(io.ballerina.messaging.broker.common.StartupContext startupContext,
UserStore userStore,
Map<String,String> properties)
Initialize authorization controller based on given auth configuration, user store.
|
abstract boolean |
removeGroupFromResource(String resourceType,
String resourceName,
String action,
String group)
Revoke access from the given group.
|
public abstract void initialize(io.ballerina.messaging.broker.common.StartupContext startupContext,
UserStore userStore,
Map<String,String> properties)
throws Exception
startupContext - the startup context provides registered services in brokeruserStore - user storeproperties - propertiesExceptionpublic final boolean authorize(String resourceType, String resource, String action, String userId, Set<String> userGroups) throws AuthServerException, AuthNotFoundException
resourceType - resource Typeresource - resourceaction - actionuserId - user identifier of owneruserGroups - user groups of the userAuthServerException - throws if an server error occurredAuthNotFoundException - throws if the resource is not foundpublic abstract void addResource(String resourceType, String resourceName, String owner) throws AuthServerException
resourceType - resource typeresourceName - resource nameowner - resource ownerAuthServerException - throws if an server error occurredpublic abstract boolean deleteResource(String resourceType, String resourceName) throws AuthServerException, AuthNotFoundException
resourceType - resource typeresourceName - resource nameAuthServerException - throws if an server error occurredAuthNotFoundException - throws if the resource is not foundpublic abstract boolean addGroupsToResource(String resourceType, String resourceName, String action, List<String> groups) throws AuthServerException
resourceType - resource typeresourceName - resource nameaction - actiongroups - list of groupAuthServerException - throws if server error occurredpublic abstract boolean removeGroupFromResource(String resourceType, String resourceName, String action, String group) throws AuthServerException, AuthNotFoundException
resourceType - resource typeresourceName - resource nameaction - actiongroup - groupAuthServerException - throws if an server error occurredAuthNotFoundException - throws if the resource is not foundpublic abstract boolean changeResourceOwner(String resourceType, String resourceName, String owner) throws AuthServerException, AuthNotFoundException
resourceType - resource typeresourceName - resource nameowner - newOwnerAuthServerException - throws if an server error occurredAuthNotFoundException - throws if the resource is not foundpublic abstract AuthResource getAuthResource(String resourceType, String resourceName) throws AuthServerException, AuthNotFoundException
resourceType - resource typeresourceName - resource nameAuthServerException - throws if an server error occurredAuthNotFoundException - throws if the resource is not foundCopyright © 2018 WSO2. All rights reserved.