Package org.wildfly.security.permission
Interface PermissionVerifier
-
- All Known Implementing Classes:
AbstractActionPermission
,AbstractActionSetPermission
,AbstractBooleanPermission
,AbstractNamedPermission
,AbstractNameOnlyPermission
,AbstractNameSetOnlyPermission
,AbstractPermission
,AbstractPermissionCollection
,BooleanPermissionCollection
,ByNamePermissionCollection
,ChangeRoleMapperPermission
,CredentialStorePermission
,ElytronPermission
,LoginPermission
,NameSetPermissionCollection
,NoPermission
,RunAsPrincipalPermission
,SecurityIdentity
,SimpleActionBitsPermissionCollection
,SimplePermissionCollection
,WildFlySecurityManager
,WildFlySecurityManagerPermission
- Functional Interface:
- This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
@FunctionalInterface public interface PermissionVerifier
An interface for objects that can verify permissions.- Author:
- David M. Lloyd
-
-
Field Summary
Fields Modifier and Type Field Description static PermissionVerifier
ALL
A verifier which implies all permissions.static PermissionVerifier
NONE
A verifier which implies no permissions.
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description default PermissionVerifier
and(PermissionVerifier other)
Return a new verifier which implies permissions which are implied both by this verifier and by the given verifier.default void
checkPermission(Permission permission)
Check a permission, throwing an exception if the permission is not implied.static PermissionVerifier
from(Permission permission)
Get a permission verifier for a single permission.static PermissionVerifier
from(PermissionCollection permissionCollection)
Get a permission verifier for a permission collection.static PermissionVerifier
from(Policy policy, ProtectionDomain protectionDomain)
Get a permission verifier for a policy's view of a protection domain.static PermissionVerifier
from(ProtectionDomain protectionDomain)
Get a permission verifier for a protection domain.boolean
implies(Permission permission)
Determine if the permission is verified by this object.default PermissionVerifier
not()
Return a new verifier which implies the opposite of this verifier.default PermissionVerifier
or(PermissionVerifier other)
Return a new verifier which implies permissions which are implied either by this verifier or by the given verifier.default PermissionCollection
toPermissionCollection()
Convert this verifier a permission collection which implies everything this verifier implies.default PermissionVerifier
unless(PermissionVerifier other)
Return a new verifier which implies permissions which are implied by this verifier but not the given verifier.default PermissionVerifier
xor(PermissionVerifier other)
Return a new verifier which implies permissions which are implied by only one of this verifier or the given verifier.
-
-
-
Field Detail
-
NONE
static final PermissionVerifier NONE
A verifier which implies no permissions.
-
ALL
static final PermissionVerifier ALL
A verifier which implies all permissions.
-
-
Method Detail
-
implies
boolean implies(Permission permission)
Determine if the permission is verified by this object.- Parameters:
permission
- the permission to verify (must not benull
)- Returns:
true
if the permission is implied by this verifier,false
otherwise
-
and
default PermissionVerifier and(PermissionVerifier other)
Return a new verifier which implies permissions which are implied both by this verifier and by the given verifier.- Parameters:
other
- the other verifier (must not benull
)- Returns:
- the new permission verifier (not
null
)
-
or
default PermissionVerifier or(PermissionVerifier other)
Return a new verifier which implies permissions which are implied either by this verifier or by the given verifier.- Parameters:
other
- the other verifier (must not benull
)- Returns:
- the new permission verifier (not
null
)
-
xor
default PermissionVerifier xor(PermissionVerifier other)
Return a new verifier which implies permissions which are implied by only one of this verifier or the given verifier.- Parameters:
other
- the other verifier (must not benull
)- Returns:
- the new permission verifier (not
null
)
-
not
default PermissionVerifier not()
Return a new verifier which implies the opposite of this verifier.- Returns:
- the new permission verifier (not
null
)
-
unless
default PermissionVerifier unless(PermissionVerifier other)
Return a new verifier which implies permissions which are implied by this verifier but not the given verifier.- Parameters:
other
- the other verifier (must not benull
)- Returns:
- the new permission verifier (not
null
)
-
checkPermission
default void checkPermission(Permission permission) throws SecurityException
Check a permission, throwing an exception if the permission is not implied.- Parameters:
permission
- the permission to check (must not benull
)- Throws:
SecurityException
- if the permission is not implied
-
from
static PermissionVerifier from(Permission permission)
Get a permission verifier for a single permission.- Parameters:
permission
- the permission (must not benull
)- Returns:
- the verifier (not
null
)
-
from
static PermissionVerifier from(PermissionCollection permissionCollection)
Get a permission verifier for a permission collection.- Parameters:
permissionCollection
- the permission collection (must not benull
)- Returns:
- the verifier (not
null
)
-
from
static PermissionVerifier from(ProtectionDomain protectionDomain)
Get a permission verifier for a protection domain.- Parameters:
protectionDomain
- the protection domain (must not benull
)- Returns:
- the verifier (not
null
)
-
from
static PermissionVerifier from(Policy policy, ProtectionDomain protectionDomain)
Get a permission verifier for a policy's view of a protection domain.- Parameters:
policy
- the policy (must not benull
)protectionDomain
- the protection domain (must not benull
)- Returns:
- the verifier (not
null
)
-
toPermissionCollection
default PermissionCollection toPermissionCollection()
Convert this verifier a permission collection which implies everything this verifier implies. If this instance is already aPermissionCollection
instance, then this instance may be cast and returned. Otherwise, this method may return a new, read-only collection, which cannot be iterated.- Returns:
- the permission collection (not
null
)
-
-