Package org.restheart.security.authorizers

Class ACLRegistryImpl

java.lang.Object

org.restheart.security.authorizers.ACLRegistryImpl

All Implemented Interfaces:

org.restheart.security.ACLRegistry

public class ACLRegistryImpl
extends Object
implements org.restheart.security.ACLRegistry

Method Summary

Modifier and Type	Method	Description
void	registerAllow(Predicate<org.restheart.exchange.Request<?>> allow)	Registers an allow predicate that determines if a request should be authorized.
void	registerAuthenticationRequirement(Predicate<org.restheart.exchange.Request<?>> authenticationRequired)	Registers a predicate that determines whether requests handled by the ACLRegistryAllower require authentication.
void	registerVeto(Predicate<org.restheart.exchange.Request<?>> veto)	Registers a veto predicate that determines if a request should be denied.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

registerVeto

public void registerVeto(Predicate<org.restheart.exchange.Request<?>> veto)

Registers a veto predicate that determines if a request should be denied. When the predicate evaluates to true, the request is immediately forbidden (vetoed). Additionally, a request will also be denied if it is not explicitly authorized by any allow predicates or any other active allowing authorizers.

Specified by:

registerVeto in interface org.restheart.security.ACLRegistry

Parameters:

veto - The veto predicate to register. This predicate should return true to veto (deny) the request, and false to let the decision be further evaluated by allow predicates or other authorizers.

registerAllow

public void registerAllow(Predicate<org.restheart.exchange.Request<?>> allow)

Registers an allow predicate that determines if a request should be authorized. The request is authorized if this predicate evaluates to true, provided that no veto predicates or other active vetoer authorizers subsequently deny the request. This method helps in setting up conditions under which requests can proceed unless explicitly vetoed.

Specified by:

registerAllow in interface org.restheart.security.ACLRegistry

Parameters:

allow - The allow predicate to register. This predicate should return true to authorize the request, unless it is vetoed by any veto predicates or other vetoing conditions.

registerAuthenticationRequirement

public void registerAuthenticationRequirement(Predicate<org.restheart.exchange.Request<?>> authenticationRequired)

Registers a predicate that determines whether requests handled by the ACLRegistryAllower require authentication. This method is used to specify conditions under which authentication is mandatory. Typically, authentication is required unless there are allow predicates explicitly authorizing requests that are not authenticated.

Specified by:

registerAuthenticationRequirement in interface org.restheart.security.ACLRegistry

Parameters:

authenticationRequired - The predicate to determine if authentication is necessary. It should return true if the request must be authenticated, otherwise false if unauthenticated requests might be allowed.