/**
 * Creates a {@code Subject} from a combined issuer-and-ID character sequence and a subject type.
 *
 * <p>The sequence is converted to a {@code SubjectId} by {@code SubjectId.newInstance}; that ID and
 * {@code subjectType} are then passed to {@code PoliciesModelFactory.newSubject}.
 *
 * @param subjectIssuerWithId the Subject issuer + Subject ID (separated with a "{@value
 * SubjectId#ISSUER_DELIMITER}") of the Subject to create.
 * @param subjectType the SubjectType of the new Subject to create.
 * @return the new {@code Subject}.
 * @throws NullPointerException if any argument is {@code null}.
 */
static Subject newInstance(final CharSequence subjectIssuerWithId, final SubjectType subjectType) {
    // NOTE(review): the split at the issuer delimiter happens inside SubjectId.newInstance and is not
    // visible here - confirm how a subject part that itself contains the delimiter is treated before
    // passing externally supplied identifiers.
    final SubjectId parsedSubjectId = SubjectId.newInstance(subjectIssuerWithId);
    return PoliciesModelFactory.newSubject(parsedSubjectId, subjectType);
}
/**
 * Returns a new immutable Policy which is initialised with the specified entries.
 *
 * <p>The Policy is built with lifecycle {@code PolicyLifecycle.ACTIVE} and the revision returned by
 * {@code PolicyRevision.newInstance(1)}.
 *
 * @param id the ID of the new Policy.
 * @param entries the entries of the Policy.
 * @return the new initialised Policy.
 * @throws NullPointerException if any argument is {@code null}.
 */
public static Policy newPolicy(final CharSequence id, final Iterable<PolicyEntry> entries) {
    final PolicyRevision firstRevision = PolicyRevision.newInstance(1);
    // NOTE(review): the fourth argument is deliberately null; presumably an optional timestamp -
    // confirm against ImmutablePolicy.of. The entries are passed through unchanged, so any check that
    // the policy keeps a minimum set of permissions must happen elsewhere.
    return ImmutablePolicy.of(id, PolicyLifecycle.ACTIVE, firstRevision, null, entries);
}
/**
 * Looks up the Subject identified by a combined issuer-and-ID character sequence.
 *
 * <p>The sequence is converted with {@code SubjectId.newInstance} and the lookup is delegated to the
 * {@code SubjectId}-based overload.
 *
 * @param subjectIssuerWithId the Subject issuer + Subject ID (separated with a "{@value
 * SubjectId#ISSUER_DELIMITER}") of the Subject to be retrieved.
 * @return the Subject with the given subjectIssuerWithId or an empty optional.
 * @throws NullPointerException if {@code subjectIssuerWithId} is {@code null}.
 * @throws IllegalArgumentException if {@code subjectIssuerWithId} is empty.
 */
default Optional<Subject> getSubject(final CharSequence subjectIssuerWithId) {
    final SubjectId lookupId = SubjectId.newInstance(subjectIssuerWithId);
    return getSubject(lookupId);
}
/**
 * Records the permissions of one PolicyEntry in the trie.
 *
 * <p>For every Resource of the entry the trie node for the resource key is looked up (or created) via
 * {@code seekOrCreate}; the entry's subject IDs are then registered on that node, first with the
 * granted and afterwards with the revoked permissions of the Resource.
 *
 * @param policyEntry the entry whose subjects and resources are added.
 */
private void addPolicyEntry(final PolicyEntry policyEntry) {
    // The subject IDs are resolved once and shared by all resources of the entry.
    final Collection<String> entrySubjectIds = getSubjectIds(policyEntry.getSubjects());

    policyEntry.getResources().forEach(entryResource -> {
        final PolicyTrie node = seekOrCreate(getJsonKeyIterator(entryResource.getResourceKey()));
        final EffectedPermissions permissions = entryResource.getEffectedPermissions();

        // Keep this order: grant is registered before revoke.
        // NOTE(review): how a permission present in both sets is resolved is decided inside PolicyTrie,
        // not here - confirm that revoke takes precedence there.
        node.grant(entrySubjectIds, permissions.getGrantedPermissions());
        node.revoke(entrySubjectIds, permissions.getRevokedPermissions());
    });
}
/**
 * Tells whether the entry grants the minimum required policy permissions on the root resource.
 *
 * @param policyEntry the entry to inspect.
 * @return {@code true} if at least one Resource of the entry has a key equal to {@code ROOT_RESOURCE}
 * and its granted permissions contain {@code Permission.MIN_REQUIRED_POLICY_PERMISSIONS}.
 */
private boolean hasPermissionGranted(final PolicyEntry policyEntry) {
    // Only a grant on the root resource itself counts; grants on sub-resources are ignored.
    // NOTE(review): the subjects of the entry are not looked at here - whether an entry without
    // subjects may satisfy the check has to be confirmed against the caller.
    return policyEntry.getResources().stream()
            .anyMatch(candidate -> {
                final boolean onRoot = ROOT_RESOURCE.equals(candidate.getResourceKey());
                final boolean grantsMinimum = candidate.getEffectedPermissions()
                        .getGrantedPermissions()
                        .contains(Permission.MIN_REQUIRED_POLICY_PERMISSIONS);
                return onRoot && grantsMinimum;
            });
}
/**
 * Tells whether the entry revokes the minimum required policy permissions on the root resource.
 *
 * @param policyEntry the entry to inspect.
 * @return {@code true} if at least one Resource of the entry has a key equal to {@code ROOT_RESOURCE}
 * and its revoked permissions contain {@code Permission.MIN_REQUIRED_POLICY_PERMISSIONS}.
 */
private boolean hasPermissionRevoked(final PolicyEntry policyEntry) {
    // Only a revoke on the root resource itself counts; revokes on sub-resources are ignored.
    // NOTE(review): how such a revoke is weighed against grants of other entries is up to the
    // caller - confirm there.
    return policyEntry.getResources().stream()
            .anyMatch(candidate -> {
                final boolean onRoot = ROOT_RESOURCE.equals(candidate.getResourceKey());
                final boolean revokesMinimum = candidate.getEffectedPermissions()
                        .getRevokedPermissions()
                        .contains(Permission.MIN_REQUIRED_POLICY_PERMISSIONS);
                return onRoot && revokesMinimum;
            });
}
/**
 * Returns a new immutable {@link PolicyEntry} built from the given label, subjects and resources.
 *
 * <p>The label is wrapped with {@code Label.of}; the subjects and resources are converted with
 * {@code newSubjects} and {@code newResources} before {@code ImmutablePolicyEntry.of} is called.
 *
 * @param label the Label of the PolicyEntry to create.
 * @param subjects the Subjects contained in the PolicyEntry to create.
 * @param resources the Resources of the PolicyEntry to create.
 * @return the new Policy entry.
 * @throws NullPointerException if any argument is {@code null}.
 * @throws IllegalArgumentException if {@code label} is empty.
 */
public static PolicyEntry newPolicyEntry(final CharSequence label, final Iterable<Subject> subjects,
        final Iterable<Resource> resources) {

    // Converted in the same order as the arguments are declared: label, subjects, resources.
    final Label entryLabel = Label.of(label);
    final Subjects entrySubjects = newSubjects(subjects);
    final Resources entryResources = newResources(resources);
    return ImmutablePolicyEntry.of(entryLabel, entrySubjects, entryResources);
}
/**
 * Looks up the Resource identified by the given {@code resourceType} and {@code resourcePath}.
 *
 * <p>Both values are combined into a {@code ResourceKey} via {@code ResourceKey.newInstance}; the lookup
 * is delegated to the {@code ResourceKey}-based overload.
 *
 * @param resourceType the type of the Resource to be retrieved.
 * @param resourcePath the path of the Resource to be retrieved.
 * @return the Resource or an empty optional.
 * @throws NullPointerException if {@code resourcePath} is {@code null}.
 * @throws IllegalArgumentException if {@code resourceType} is empty.
 */
default Optional<Resource> getResource(final String resourceType, final CharSequence resourcePath) {
    // NOTE(review): any normalisation of the path is done inside ResourceKey.newInstance and is not
    // visible here - confirm that lookups and stored keys are normalised the same way.
    final ResourceKey lookupKey = ResourceKey.newInstance(resourceType, resourcePath);
    return getResource(lookupKey);
}
/**
 * Removes the Resource identified by {@code resourceType} and {@code resourcePath} from a copy of this
 * Resources.
 *
 * <p>Both values are combined into a {@code ResourceKey} via {@code ResourceKey.newInstance}; the removal
 * is delegated to the {@code ResourceKey}-based overload.
 *
 * @param resourceType the type of the Resource to be removed.
 * @param resourcePath the path of the Resource to be removed.
 * @return a copy of this Resources with the identified Resource removed.
 * @throws NullPointerException if any argument is {@code null}.
 * @throws IllegalArgumentException if {@code resourceType} is empty.
 */
default Resources removeResource(final String resourceType, final CharSequence resourcePath) {
    final ResourceKey keyToRemove = ResourceKey.newInstance(resourceType, resourcePath);
    return removeResource(keyToRemove);
}
/**
 * Removes the Subject identified by a combined issuer-and-ID character sequence from a copy of this
 * Subjects.
 *
 * <p>The sequence is converted with {@code SubjectId.newInstance} and the removal is delegated to the
 * {@code SubjectId}-based overload.
 *
 * @param subjectIssuerWithId the Subject issuer + Subject ID (separated with a "{@value
 * SubjectId#ISSUER_DELIMITER}") of the Subject to be removed.
 * @return a copy of this Subjects with the identified Subject removed.
 * @throws NullPointerException if {@code subjectIssuerWithId} is {@code null}.
 * @throws IllegalArgumentException if {@code subjectIssuerWithId} is empty.
 */
default Subjects removeSubject(final CharSequence subjectIssuerWithId) {
    final SubjectId idToRemove = SubjectId.newInstance(subjectIssuerWithId);
    return removeSubject(idToRemove);
}
/**
 * Removes the subject identified by the specified {@code subjectIssuerWithId} from this builder.
 *
 * <p>The sequence is converted with {@code SubjectId.newInstance}; the removal is applied to the label
 * returned by {@code getLabel()} through {@code removeSubjectFor}.
 *
 * @param subjectIssuerWithId the Subject issuer + Subject ID (separated with a "{@value
 * SubjectId#ISSUER_DELIMITER}") of the Subject to remove from the PolicyEntry identified by the
 * {@code label}.
 * @return this builder to allow method chaining.
 * @throws NullPointerException if any argument is {@code null}.
 */
default LabelScoped removeSubject(final CharSequence subjectIssuerWithId) {
    // NOTE(review): the result of removeSubjectFor is discarded, so a subject ID that matches nothing is
    // not reported here - confirm whether callers need to verify that the subject was actually removed.
    final SubjectId idToRemove = SubjectId.newInstance(subjectIssuerWithId);
    removeSubjectFor(getLabel(), idToRemove);
    return this;
}
/**
 * Sets the given revision number to this builder.
 *
 * <p>The number is wrapped with {@code PolicyRevision.newInstance} and passed to the
 * {@code PolicyRevision}-based overload.
 *
 * @param revisionNumber the revision number to be set.
 * @return this builder to allow method chaining.
 */
default PolicyBuilder setRevision(final long revisionNumber) {
    // NOTE(review): no range check on revisionNumber is visible here; any validation would have to
    // live in PolicyRevision.newInstance - confirm.
    final PolicyRevision revision = PolicyRevision.newInstance(revisionNumber);
    return setRevision(revision);
}
/**
 * Wraps the single {@code resource} in a {@code Resources} instance and delegates to
 * {@code setResourcesFor} for the given {@code label}.
 *
 * @param label the label of the PolicyEntry the resource is set for.
 * @param resource the Resource to set.
 * @return the builder returned by {@code setResourcesFor}.
 */
@Override
public ImmutablePolicyBuilder setResourceFor(final CharSequence label, final Resource resource) {
    // NOTE(review): whether existing resources of the label are replaced or kept is decided by
    // setResourcesFor - confirm, since replacing would also drop previously set revokes.
    final Resources singleResource = Resources.newInstance(resource);
    return setResourcesFor(label, singleResource);
}
/**
 * Tells whether the entry grants the minimum required policy permissions on the root resource.
 *
 * @param policyEntry the entry to inspect.
 * @return {@code true} if at least one Resource of the entry has a key equal to {@code ROOT_RESOURCE}
 * and its granted permissions contain {@code Permission.MIN_REQUIRED_POLICY_PERMISSIONS}.
 */
private boolean hasPermissionGranted(final PolicyEntry policyEntry) {
    // Only a grant on the root resource itself counts; grants on sub-resources are ignored.
    // NOTE(review): the subjects of the entry are not looked at here - whether an entry without
    // subjects may satisfy the check has to be confirmed against the caller.
    return policyEntry.getResources().stream()
            .anyMatch(candidate -> {
                final boolean onRoot = ROOT_RESOURCE.equals(candidate.getResourceKey());
                final boolean grantsMinimum = candidate.getEffectedPermissions()
                        .getGrantedPermissions()
                        .contains(Permission.MIN_REQUIRED_POLICY_PERMISSIONS);
                return onRoot && grantsMinimum;
            });
}
/**
 * Creates a {@code Subject} from a separate {@code issuer} and {@code subject} plus a subject type.
 *
 * <p>Issuer and subject are combined into a {@code SubjectId} by {@code SubjectId.newInstance}; that ID
 * and {@code subjectType} are then passed to {@code PoliciesModelFactory.newSubject}.
 *
 * @param issuer the SubjectIssuer for the SubjectId's {@code issuer}.
 * @param subject the character sequence for the SubjectId's {@code subject}.
 * @param subjectType the SubjectType of the new Subject to create.
 * @return the new {@code Subject}.
 * @throws NullPointerException if any argument is {@code null}.
 */
static Subject newInstance(final SubjectIssuer issuer, final CharSequence subject,
        final SubjectType subjectType) {

    final SubjectId combinedId = SubjectId.newInstance(issuer, subject);
    return PoliciesModelFactory.newSubject(combinedId, subjectType);
}
/**
 * Looks up the Subject identified by the given {@code issuer} and {@code subject}.
 *
 * <p>Both values are combined into a {@code SubjectId} via {@code SubjectId.newInstance}; the lookup is
 * delegated to the {@code SubjectId}-based overload.
 *
 * @param issuer the SubjectId's {@code issuer} of the Subject to be retrieved.
 * @param subject the character sequence for the SubjectId's {@code subject} of the Subject to be
 * retrieved.
 * @return the Subject with the resulting subject ID or an empty optional.
 * @throws NullPointerException if {@code issuer} or {@code subject} is {@code null}.
 * @throws IllegalArgumentException if {@code subject} is empty.
 */
default Optional<Subject> getSubject(final SubjectIssuer issuer, final CharSequence subject) {
    final SubjectId lookupId = SubjectId.newInstance(issuer, subject);
    return getSubject(lookupId);
}
/**
 * Removes the Subject identified by {@code issuer} and {@code subject} from a copy of this Subjects.
 *
 * <p>Both values are combined into a {@code SubjectId} via {@code SubjectId.newInstance}; the removal is
 * delegated to the {@code SubjectId}-based overload.
 *
 * @param issuer the SubjectId's {@code issuer} of the Subject to be removed.
 * @param subject the character sequence for the SubjectId's {@code subject} of the Subject to be
 * removed.
 * @return a copy of this Subjects with the identified Subject removed.
 * @throws NullPointerException if {@code issuer} or {@code subject} is {@code null}.
 * @throws IllegalArgumentException if {@code subject} is empty.
 */
default Subjects removeSubject(final SubjectIssuer issuer, final CharSequence subject) {
    final SubjectId idToRemove = SubjectId.newInstance(issuer, subject);
    return removeSubject(idToRemove);
}
/**
 * Removes the subject identified by the specified {@code issuer} and {@code subject} from this builder.
 *
 * <p>Both values are combined into a {@code SubjectId} via {@code SubjectId.newInstance}; the removal is
 * applied to the label returned by {@code getLabel()} through {@code removeSubjectFor}.
 *
 * @param issuer the SubjectId's {@code issuer} to remove from the PolicyEntry identified by the
 * {@code label}.
 * @param subject the character sequence for the SubjectId's {@code subject} to remove from the
 * PolicyEntry identified by the {@code label}.
 * @return this builder to allow method chaining.
 * @throws NullPointerException if any argument is {@code null}.
 */
default LabelScoped removeSubject(final SubjectIssuer issuer, final CharSequence subject) {
    // NOTE(review): the result of removeSubjectFor is discarded, so a subject ID that matches nothing is
    // not reported here - confirm whether callers need to verify that the subject was actually removed.
    final SubjectId idToRemove = SubjectId.newInstance(issuer, subject);
    removeSubjectFor(getLabel(), idToRemove);
    return this;
}
/**
 * Returns a new {@code Subject} with the specified {@code issuer}, {@code subject} and
 * subject type {@link SubjectType#GENERATED}.
 *
 * <p>Issuer and subject are combined into a {@code SubjectId} by {@code SubjectId.newInstance}; that ID
 * alone is passed to {@code PoliciesModelFactory.newSubject}.
 *
 * @param issuer the SubjectIssuer for the SubjectId's {@code issuer}.
 * @param subject the character sequence for the SubjectId's {@code subject}.
 * @return the new {@code Subject}.
 * @throws NullPointerException if any argument is {@code null}.
 */
static Subject newInstance(final SubjectIssuer issuer, final CharSequence subject) {
    // NOTE(review): no subject type is passed here; the GENERATED default named in the Javadoc is
    // applied by PoliciesModelFactory.newSubject - confirm it still matches.
    final SubjectId combinedId = SubjectId.newInstance(issuer, subject);
    return PoliciesModelFactory.newSubject(combinedId);
}