Package com.dtolabs.rundeck.core.authorization

Interface AuthContextEvaluator

  • All Known Subinterfaces:
    AuthContextProcessor
    public interface AuthContextEvaluator
    Utility interface for checking authorization for common resources using AuthContext

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      boolean authorizeApplicationResource​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.lang.String action)
      return true if the action is authorized for the resource in the application context
      boolean authorizeApplicationResourceAll​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.util.Collection<java.lang.String> actions)
      return true if all of the actions are authorized for the resource in the application context
      boolean authorizeApplicationResourceAny​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.util.List<java.lang.String> actions)
      return true if any of the actions are authorized for the resource in the application context
      java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> authorizeApplicationResourceSet​(AuthContext authContext, java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources, java.util.Set<java.lang.String> actions)
      return all authorized resources for the action evaluated in the application context
      boolean authorizeApplicationResourceType​(AuthContext authContext, java.lang.String resourceType, java.lang.String action)
      return true if the action is authorized for the resource type in the application context
      boolean authorizeApplicationResourceTypeAll​(AuthContext authContext, java.lang.String resourceType, java.util.Collection<java.lang.String> actions)
      return true if all of the actions are authorized for the resource type in the application context
      boolean authorizeProjectResource​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.lang.String action, java.lang.String project)
      return true if the action is authorized for the resource in the project context
      boolean authorizeProjectResourceAll​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.util.Collection<java.lang.String> actions, java.lang.String project)
      Return true if all actions are authorized for the resource in the project context
      boolean authorizeProjectResourceAny​(AuthContext authContext, java.util.Map<java.lang.String,​java.lang.String> resource, java.util.Collection<java.lang.String> actions, java.lang.String project)
      Return true if any actions are authorized for the resource in the project context
      java.util.Set<Decision> authorizeProjectResources​(AuthContext authContext, java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources, java.util.Set<java.lang.String> actions, java.lang.String project)
      return the decision set for all actions on all resources in the project context
      java.util.Map<java.lang.String,​java.lang.String> authResourceForJob​(java.lang.String name, java.lang.String jobGroup, java.lang.String uuid)
      Return the resource definition for a job for use by authorization checks
      java.util.Map<java.lang.String,​java.lang.String> authResourceForProject​(java.lang.String name)
      Return the resource inition for a project for use by authorization checks
      java.util.Map<java.lang.String,​java.lang.String> authResourceForProjectAcl​(java.lang.String name)
      Return the resource inition for a project ACL for use by authorization checks

    • Method Detail

      • authResourceForJob

        java.util.Map<java.lang.String,​java.lang.String> authResourceForJob​(java.lang.String name,
                                                                          java.lang.String jobGroup,
                                                                          java.lang.String uuid)
        Return the resource definition for a job for use by authorization checks
        Parameters:
        name - job name
        jobGroup - job group
        uuid - uuid
        Returns:

      • authorizeApplicationResourceTypeAll

        boolean authorizeApplicationResourceTypeAll​(AuthContext authContext,
                                            java.lang.String resourceType,
                                            java.util.Collection<java.lang.String> actions)
        return true if all of the actions are authorized for the resource type in the application context
        Parameters:
        resourceType -
        actions -

      • authorizeApplicationResourceType

        boolean authorizeApplicationResourceType​(AuthContext authContext,
                                         java.lang.String resourceType,
                                         java.lang.String action)
        return true if the action is authorized for the resource type in the application context
        Parameters:
        resourceType -
        action -

      • authorizeApplicationResourceAny

        boolean authorizeApplicationResourceAny​(AuthContext authContext,
                                        java.util.Map<java.lang.String,​java.lang.String> resource,
                                        java.util.List<java.lang.String> actions)
        return true if any of the actions are authorized for the resource in the application context
        Parameters:
        resource -
        actions -

      • authorizeApplicationResourceAll

        boolean authorizeApplicationResourceAll​(AuthContext authContext,
                                        java.util.Map<java.lang.String,​java.lang.String> resource,
                                        java.util.Collection<java.lang.String> actions)
        return true if all of the actions are authorized for the resource in the application context
        Parameters:
        resource -
        actions -

      • authorizeApplicationResourceSet

        java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> authorizeApplicationResourceSet​(AuthContext authContext,
                                                                                                      java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources,
                                                                                                      java.util.Set<java.lang.String> actions)
        return all authorized resources for the action evaluated in the application context
        Parameters:
        resources - requested resources to authorize
        actions - set of any actions to authorize
        Returns:
        set of authorized resources

      • authorizeApplicationResource

        boolean authorizeApplicationResource​(AuthContext authContext,
                                     java.util.Map<java.lang.String,​java.lang.String> resource,
                                     java.lang.String action)
        return true if the action is authorized for the resource in the application context
        Parameters:
        resource -
        action -

      • authorizeProjectResourceAny

        boolean authorizeProjectResourceAny​(AuthContext authContext,
                                    java.util.Map<java.lang.String,​java.lang.String> resource,
                                    java.util.Collection<java.lang.String> actions,
                                    java.lang.String project)
        Return true if any actions are authorized for the resource in the project context
        Parameters:
        resource -
        actions -
        project -

      • authorizeProjectResourceAll

        boolean authorizeProjectResourceAll​(AuthContext authContext,
                                    java.util.Map<java.lang.String,​java.lang.String> resource,
                                    java.util.Collection<java.lang.String> actions,
                                    java.lang.String project)
        Return true if all actions are authorized for the resource in the project context
        Parameters:
        resource -
        actions -
        project -

      • authorizeProjectResource

        boolean authorizeProjectResource​(AuthContext authContext,
                                 java.util.Map<java.lang.String,​java.lang.String> resource,
                                 java.lang.String action,
                                 java.lang.String project)
        return true if the action is authorized for the resource in the project context
        Parameters:
        resource -
        action -
        project -

      • authorizeProjectResources

        java.util.Set<Decision> authorizeProjectResources​(AuthContext authContext,
                                                  java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources,
                                                  java.util.Set<java.lang.String> actions,
                                                  java.lang.String project)
        return the decision set for all actions on all resources in the project context
        Parameters:
        resources -
        actions -
        project -

      • authResourceForProjectAcl

        java.util.Map<java.lang.String,​java.lang.String> authResourceForProjectAcl​(java.lang.String name)
        Return the resource inition for a project ACL for use by authorization checks
        Parameters:
        name - the project name
        Returns:
        resource map for authorization check

      • authResourceForProject

        java.util.Map<java.lang.String,​java.lang.String> authResourceForProject​(java.lang.String name)
        Return the resource inition for a project for use by authorization checks
        Parameters:
        name - the project name
        Returns:
        resource map for authorization check