AbstractSecurityRule (security 3.9.4 API)

java.lang.Object
- io.micronaut.security.rules.AbstractSecurityRule

All Implemented Interfaces:

io.micronaut.core.order.Ordered, SecurityRule

Direct Known Subclasses:

ConfigurationInterceptUrlMapRule, IpPatternsRule, SecuredAnnotationRule
```
public abstract class AbstractSecurityRule
extends java.lang.Object
implements SecurityRule
```
A base SecurityRule class to extend from that provides helper methods to get the roles from the claims and compare them to the roles allowed by the rule.

Since:

1.0

Field Summary
- Fields inherited from interface io.micronaut.core.order.Ordered
  HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
- Fields inherited from interface io.micronaut.security.rules.SecurityRule
  DENY_ALL, IS_ANONYMOUS, IS_AUTHENTICATED

Constructor Summary

Constructors
Constructor Description

AbstractSecurityRule(RolesFinder rolesFinder)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`protected org.reactivestreams.Publisher<SecurityRuleResult>`	`compareRoles(java.util.List<java.lang.String> requiredRoles, java.util.Collection<java.lang.String> grantedRoles)`	Compares the given roles to determine if the request is allowed by comparing if any of the granted roles is in the required roles list.
`protected java.util.List<java.lang.String>`	`getRoles(Authentication authentication)`	Appends `SecurityRule.IS_ANONYMOUS` if not authenticated.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface io.micronaut.core.order.Ordered
getOrder

Methods inherited from interface io.micronaut.security.rules.SecurityRule
check

- Constructor Detail
  - AbstractSecurityRule
```
@Inject
public AbstractSecurityRule(RolesFinder rolesFinder)
```
    Parameters:
    
    rolesFinder - Roles Parser
- Method Detail
  - getRoles
```
protected java.util.List<java.lang.String> getRoles(Authentication authentication)
```
    Appends SecurityRule.IS_ANONYMOUS if not authenticated. If the claims contain one or more roles, SecurityRule.IS_AUTHENTICATED is appended to the list.
    
    Parameters:
    
    authentication - The authentication, or null if none found
    
    Returns:
    
    The granted roles
  - compareRoles
```
protected org.reactivestreams.Publisher<SecurityRuleResult> compareRoles(java.util.List<java.lang.String> requiredRoles,
                                                                         java.util.Collection<java.lang.String> grantedRoles)
```
    Compares the given roles to determine if the request is allowed by comparing if any of the granted roles is in the required roles list.
    
    Parameters:
    
    requiredRoles - The list of roles required to be authorized
    
    grantedRoles - The list of roles granted to the user
    
    Returns:
    
    SecurityRuleResult.REJECTED if none of the granted roles appears in the required roles list. SecurityRuleResult.ALLOWED otherwise.