Package io.inversion.action.security

Class AclFilter

java.lang.Object

io.inversion.Rule<A>

io.inversion.Action<A>

io.inversion.Filter<AclFilter>

io.inversion.action.security.AclFilter

All Implemented Interfaces:

Comparable<AclFilter>

public class AclFilter
extends Filter<AclFilter>

The AclAction secures an API by making sure that a requests matches one or more declared AclRules

AclRules specify the roles and permissions that a user must have to access specific method/path combinations and can also specify input/output parameters that are either required or restricted

Nested Class Summary

Nested classes/interfaces inherited from class io.inversion.Rule

Rule.RuleMatcher

Field Summary

Fields

Modifier and Type	Field	Description
protected final List<AclRule>	aclRules

Fields inherited from class io.inversion.Rule

ALL_METHODS, configMap, description, excludeMatchers, excludeOn, includeMatchers, includeOn, log, name, order, params

Constructor Summary

Constructors

Constructor	Description
AclFilter()

Method Summary

Modifier and Type	Method	Description
List<AclRule>	getAclRules()
AclFilter	orRequireAllPerms(String permissions, String... includedOn)
AclFilter	orRequireAllRoles(String roles, String... includedOn)
AclFilter	orRequireAllScopes(String scopes, String... includedOn)
AclFilter	orRequireOnePerm(String permissions, String... includedOn)
AclFilter	orRequireOneRole(String roles, String... includedOn)
AclFilter	orRequireOneScope(String scopes, String... includedOn)
void	run(Request req, Response resp)	Override this method with your custom business logic or override one of the http method "doMETHOD" specific handlers.
AclFilter	withAclRules(AclRule... acls)

Methods inherited from class io.inversion.Action

configureOp, doDelete, doGet, doPatch, doPost, doPut, getFullIncludePaths, getIncludePaths, isDecoration, joinPaths, joinPaths0, run0, withDecoration

Methods inherited from class io.inversion.Rule

afterWiringComplete, checkLazyConfig, compareTo, doLazyConfig, getAllExcludePaths, getAllIncludeMethods, getAllIncludePaths, getDefaultIncludeMatchers, getDescription, getExcludeMatchers, getIncludeMatchers, getName, getOrder, getParams, match, match, matches, matches, toString, withDescription, withExcludeOn, withExcludeOn, withIncludeOn, withIncludeOn, withName, withOrder, withParam, withParams

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

aclRules

protected final List<AclRule> aclRules

Constructor Details

AclFilter

public AclFilter()

Method Details

orRequireAllPerms

public AclFilter orRequireAllPerms(String permissions,
 String... includedOn)

orRequireOnePerm

public AclFilter orRequireOnePerm(String permissions,
 String... includedOn)

orRequireAllRoles

public AclFilter orRequireAllRoles(String roles,
 String... includedOn)

orRequireOneRole

public AclFilter orRequireOneRole(String roles,
 String... includedOn)

orRequireAllScopes

public AclFilter orRequireAllScopes(String scopes,
 String... includedOn)

orRequireOneScope

public AclFilter orRequireOneScope(String scopes,
 String... includedOn)

withAclRules

public AclFilter withAclRules(AclRule... acls)

getAclRules

public List<AclRule> getAclRules()

run

public void run(Request req,
 Response resp)
         throws ApiException

Description copied from class: Action

Override this method with your custom business logic or override one of the http method "doMETHOD" specific handlers.

Overrides:

run in class Action<AclFilter>

Parameters:

req - the Request being serviced

resp - the Reponse being generated

Throws:

ApiException