Package org.wildfly.security.authz
Class SimplePermissionMapper
- java.lang.Object
-
- org.wildfly.security.authz.SimplePermissionMapper
-
- All Implemented Interfaces:
PermissionMapper
public class SimplePermissionMapper extends Object implements PermissionMapper
A simplePermissionMapper
implementation that maps to pre-definedPermissionVerifier
instances. ThisPermissionMapper
is constructed using aSimplePermissionMapper.Builder
which is used to construct an ordered list ofPermissionVerifier
instances along with a set of principal names and a list of principal names. At the timemapPermissions(PermissionMappable, Roles)
is called this list is iterated to find corresponding definitions where either the name of thePrincipal
within thePermissionMappable
is contained within the mapping or theRoles
in themapPermission
call contain at least one of the roles in the mapping then the associatedPermissionVerifier
will be used. It is possible that multiple mappings could be matched during the call tomapPermissions(PermissionMappable, Roles)
and this is why the ordering is important, by default only the first match will be used however this can be overridden by callingSimplePermissionMapper.Builder.setMappingMode(SimplePermissionMapper.MappingMode)
to choose a different mode to combine the resultingPermissionVerifier
instances.- Author:
- Darran Lofthouse
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
SimplePermissionMapper.Builder
A builder for simple permission mappers.static class
SimplePermissionMapper.MappingMode
Mode defining behaviour when multiple mappings are found.
-
Field Summary
-
Fields inherited from interface org.wildfly.security.authz.PermissionMapper
EMPTY_PERMISSION_MAPPER
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static SimplePermissionMapper.Builder
builder()
Construct a newSimplePermissionMapper.Builder
for creating thePermissionMapper
.PermissionVerifier
mapPermissions(PermissionMappable permissionMappable, Roles roles)
Returns aPermissionVerifier
with all the permissions associated with the given information.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.authz.PermissionMapper
and, or, unless, xor
-
-
-
-
Method Detail
-
mapPermissions
public PermissionVerifier mapPermissions(PermissionMappable permissionMappable, Roles roles)
Description copied from interface:PermissionMapper
Returns a
PermissionVerifier
with all the permissions associated with the given information.Once returned, client code can use the
PermissionVerifier.implies(Permission)
to check if a given permission is granted or not to the given principal. Implementors must make sure that the returned collection is immutable.- Specified by:
mapPermissions
in interfacePermissionMapper
- Parameters:
permissionMappable
- the object to which permissions can be mapped (must not benull
)roles
- a set of effective roles after all role mapping was applied by security domain (may benull
)- Returns:
- a permission verifier (not
null
)
-
builder
public static SimplePermissionMapper.Builder builder()
Construct a newSimplePermissionMapper.Builder
for creating thePermissionMapper
.- Returns:
- a new
SimplePermissionMapper.Builder
for creating thePermissionMapper
.
-
-