public abstract class LegacyAuthorizer extends java.lang.Object implements IAuthorizer
| Constructor and Description |
|---|
LegacyAuthorizer() |
| Modifier and Type | Method and Description |
|---|---|
java.util.Set<Permission> |
authorize(AuthenticatedUser user,
IResource resource)
Translates new-style authorize() method call to the old-style (including permissions and the hierarchy).
|
abstract java.util.EnumSet<Permission> |
authorize(AuthenticatedUser user,
java.util.List<java.lang.Object> resource) |
void |
grant(AuthenticatedUser performer,
java.util.Set<Permission> permissions,
IResource resource,
java.lang.String to)
Grants a set of permissions on a resource to a user.
|
java.util.Set<PermissionDetails> |
list(AuthenticatedUser performer,
java.util.Set<Permission> permissions,
IResource resource,
java.lang.String of)
Returns a list of permissions on a resource of a user.
|
java.util.Set<IResource> |
protectedResources()
Set of resources that should be made inaccessible to users and only accessible internally.
|
void |
revoke(AuthenticatedUser performer,
java.util.Set<Permission> permissions,
IResource resource,
java.lang.String from)
Revokes a set of permissions on a resource from a user.
|
void |
revokeAll(IResource droppedResource)
This method is called after a resource is removed (i.e.
|
void |
revokeAll(java.lang.String droppedUser)
This method is called before deleting a user with DROP USER query so that a new user with the same
name wouldn't inherit permissions of the deleted user in the future.
|
void |
setup()
Setup is called once upon system startup to initialize the IAuthorizer.
|
abstract void |
validateConfiguration()
Validates configuration of IAuthorizer implementation (if configurable).
|
public abstract java.util.EnumSet<Permission> authorize(AuthenticatedUser user, java.util.List<java.lang.Object> resource)
user - Authenticated user requesting authorization.resource - List of Objects containing Strings and byte[]s: represents a resource in the old hierarchy.public abstract void validateConfiguration()
throws ConfigurationException
IAuthorizervalidateConfiguration in interface IAuthorizerConfigurationException - when there is a configuration error.public java.util.Set<Permission> authorize(AuthenticatedUser user, IResource resource)
authorize in interface IAuthorizeruser - Authenticated user requesting authorization.resource - Resource for which the authorization is being requested. @see DataResource.public void grant(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String to) throws InvalidRequestException
IAuthorizergrant in interface IAuthorizerperformer - User who grants the permissions.permissions - Set of permissions to grant.resource - Resource on which to grant the permissions.to - Grantee of the permissions.InvalidRequestExceptionpublic void revoke(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String from) throws InvalidRequestException
IAuthorizerrevoke in interface IAuthorizerperformer - User who revokes the permissions.permissions - Set of permissions to revoke.resource - Resource on which to revoke the permissions.from - Revokee of the permissions.InvalidRequestExceptionpublic void revokeAll(java.lang.String droppedUser)
IAuthorizerrevokeAll in interface IAuthorizerdroppedUser - The user to revoke all permissions from.public void revokeAll(IResource droppedResource)
IAuthorizerrevokeAll in interface IAuthorizerdroppedResource - The resource to revoke all permissions on.public java.util.Set<PermissionDetails> list(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String of) throws InvalidRequestException, UnauthorizedException
IAuthorizerlist in interface IAuthorizerperformer - User who wants to see the permissions.permissions - Set of Permission values the user is interested in. The result should only include the matching ones.resource - The resource on which permissions are requested. Can be null, in which case permissions on all resources
should be returned.of - The user whose permissions are requested. Can be null, in which case permissions of every user should be returned.InvalidRequestExceptionUnauthorizedExceptionpublic java.util.Set<IResource> protectedResources()
IAuthorizerprotectedResources in interface IAuthorizerpublic void setup()
IAuthorizersetup in interface IAuthorizerCopyright © 2015 The Apache Software Foundation