All Known Subinterfaces:: AuthorizationMapControlled, PermissionMapControlled<Authorization>

public interface AccessControlled

An AccessControlled object is an object that knows its own permissions and can check them against a given user and authorization. This allows resources to support access control checks via Spring Security against the resource object directly.

See Also:

AbstractPermissionEvaluator

Method Summary

Modifier and Type

Method

Description

boolean

isAuthorized(org.springframework.security.core.Authentication authentication, Object authorization)

Checks if the authenticated user has a particular authorization on this object.

Method Details
- isAuthorized
  
  boolean isAuthorized(org.springframework.security.core.Authentication authentication, Object authorization)
  
  Checks if the authenticated user has a particular authorization on this object. Note that checking if the user is an admin should be performed by a PermissionEvaluator or by checking SpinnakerAuthorities.isAdmin(Authentication) rather than via this method as the admin role is a Spinnaker-specific role.
  See Also:
  
  Authorization
  
  SpinnakerAuthorities.hasAnyRole(Authentication, Collection)

Interface AccessControlled

Method Summary

Method Details

isAuthorized