Class CompiledRule
java.lang.Object
org.openmetadata.schema.entity.policies.accessControl.Rule
org.openmetadata.service.security.policyevaluator.CompiledRule
This class is used in a single threaded model and hence does not have concurrency support
-
Nested Class Summary
Nested classes/interfaces inherited from class org.openmetadata.schema.entity.policies.accessControl.Rule
Rule.Effect -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidevaluateAllowRule(OperationContext operationContext, SubjectContext subjectContext, ResourceContextInterface resourceContext, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) voidevaluateDenyRule(OperationContext operationContext, SubjectContext subjectContext, ResourceContextInterface resourceContext, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) voidevaluatePermission(String resource, ResourcePermission resourcePermission, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) voidevaluatePermission(Map<String, ResourcePermission> resourcePermissionMap, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) voidevaluatePermission(SubjectContext subjectContext, ResourceContextInterface resourceContext, ResourcePermission resourcePermission, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) org.springframework.expression.Expressionprotected booleanmatchResource(String resource) static booleanoverrideAccess(Permission.Access newAccess, Permission.Access currentAccess) static org.springframework.expression.ExpressionparseExpression(String condition) static <T> voidvalidateExpression(String condition, Class<T> clz) Used only for validating the expressions when new rule is createdMethods inherited from class org.openmetadata.schema.entity.policies.accessControl.Rule
equals, getCondition, getDescription, getEffect, getFullyQualifiedName, getName, getOperations, getResources, hashCode, setCondition, setDescription, setEffect, setFullyQualifiedName, setName, setOperations, setResources, toString, withCondition, withDescription, withEffect, withFullyQualifiedName, withName, withOperations, withResources
-
Constructor Details
-
CompiledRule
-
-
Method Details
-
parseExpression
-
validateExpression
Used only for validating the expressions when new rule is created -
getExpression
public org.springframework.expression.Expression getExpression() -
evaluateDenyRule
public void evaluateDenyRule(OperationContext operationContext, SubjectContext subjectContext, ResourceContextInterface resourceContext, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) -
evaluateAllowRule
public void evaluateAllowRule(OperationContext operationContext, SubjectContext subjectContext, ResourceContextInterface resourceContext, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) -
evaluatePermission
public void evaluatePermission(Map<String, ResourcePermission> resourcePermissionMap, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) -
evaluatePermission
public void evaluatePermission(String resource, ResourcePermission resourcePermission, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) -
evaluatePermission
public void evaluatePermission(SubjectContext subjectContext, ResourceContextInterface resourceContext, ResourcePermission resourcePermission, org.openmetadata.service.security.policyevaluator.SubjectContext.PolicyContext policyContext) -
matchResource
-
overrideAccess
-