Class FiatPermissionEvaluator
- java.lang.Object
-
- com.netflix.spinnaker.fiat.shared.FiatPermissionEvaluator
-
- All Implemented Interfaces:
org.springframework.aop.framework.AopInfrastructureBean,org.springframework.security.access.PermissionEvaluator
@Component public class FiatPermissionEvaluator extends java.lang.Object implements org.springframework.security.access.PermissionEvaluator
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classFiatPermissionEvaluator.AuthorizationFailure
-
Constructor Summary
Constructors Constructor Description FiatPermissionEvaluator(com.netflix.spectator.api.Registry registry, FiatService fiatService, FiatClientConfigurationProperties configProps, FiatStatus fiatStatus)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description booleancanCreate(java.lang.String resourceType, java.lang.Object resource)static java.util.Optional<FiatPermissionEvaluator.AuthorizationFailure>getAuthorizationFailure()com.netflix.spinnaker.fiat.model.UserPermission.ViewgetPermission(java.lang.String username)booleanhasCachedPermission(java.lang.String username)booleanhasPermission(java.lang.String username, java.io.Serializable resourceName, java.lang.String resourceType, java.lang.Object authorization)booleanhasPermission(org.springframework.security.core.Authentication authentication, java.io.Serializable resourceName, java.lang.String resourceType, java.lang.Object authorization)booleanhasPermission(org.springframework.security.core.Authentication authentication, java.lang.Object resource, java.lang.Object authorization)voidinvalidatePermission(java.lang.String username)Invalidates the cached permissions for a user.booleanisAdmin()booleanisAdmin(org.springframework.security.core.Authentication authentication)booleanstoreWholePermission()Deprecated.
-
-
-
Constructor Detail
-
FiatPermissionEvaluator
@Autowired public FiatPermissionEvaluator(com.netflix.spectator.api.Registry registry, FiatService fiatService, FiatClientConfigurationProperties configProps, FiatStatus fiatStatus)
-
-
Method Detail
-
hasPermission
public boolean hasPermission(org.springframework.security.core.Authentication authentication, java.lang.Object resource, java.lang.Object authorization)- Specified by:
hasPermissionin interfaceorg.springframework.security.access.PermissionEvaluator
-
canCreate
public boolean canCreate(java.lang.String resourceType, java.lang.Object resource)
-
hasCachedPermission
public boolean hasCachedPermission(java.lang.String username)
- Parameters:
username- the username to check- Returns:
- whether a permission is currently cached for the username
-
hasPermission
public boolean hasPermission(java.lang.String username, java.io.Serializable resourceName, java.lang.String resourceType, java.lang.Object authorization)
-
hasPermission
public boolean hasPermission(org.springframework.security.core.Authentication authentication, java.io.Serializable resourceName, java.lang.String resourceType, java.lang.Object authorization)- Specified by:
hasPermissionin interfaceorg.springframework.security.access.PermissionEvaluator
-
invalidatePermission
public void invalidatePermission(java.lang.String username)
Invalidates the cached permissions for a user.- Parameters:
username- the username of the user to invalidate from the local cache.
-
getPermission
public com.netflix.spinnaker.fiat.model.UserPermission.View getPermission(java.lang.String username)
-
storeWholePermission
@Deprecated public boolean storeWholePermission()
Deprecated.
-
getAuthorizationFailure
public static java.util.Optional<FiatPermissionEvaluator.AuthorizationFailure> getAuthorizationFailure()
-
isAdmin
public boolean isAdmin()
-
isAdmin
public boolean isAdmin(org.springframework.security.core.Authentication authentication)
-
-