Package com.dtolabs.rundeck.core.authorization

Interface Authorization

  • All Known Subinterfaces:
    AclRuleSetAuthorization
    All Known Implementing Classes:
    RuleEvaluator
    public interface Authorization
    Instances of classes that implement this interface take context and command info and lookup whether the user can execute the specified handler.

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      Decision evaluate​(java.util.Map<java.lang.String,​java.lang.String> resource, javax.security.auth.Subject subject, java.lang.String action, java.util.Set<Attribute> environment)
      Evaluate the authorization request and return if this request is valid.
      java.util.Set<Decision> evaluate​(java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources, javax.security.auth.Subject subject, java.util.Set<java.lang.String> actions, java.util.Set<Attribute> environment)
      Make a multiple resource determination by evaluating each action for each resource.

    • Method Detail

      • evaluate

        Decision evaluate​(java.util.Map<java.lang.String,​java.lang.String> resource,
                  javax.security.auth.Subject subject,
                  java.lang.String action,
                  java.util.Set<Attribute> environment)
        Evaluate the authorization request and return if this request is valid. Make a single resource determination. The method is loosely based on the XACML model for structuring requests and response. These can be prefixed with a fully qualified namespace and ':'. If anything goes wrong in evaluating the request, the result will be false. No exception will be thrown.
        Parameters:
        resource - The properties that identify the resource.
        subject - The properties that represent the subject.
        action - A set of actions that are being requested on the resource.
        environment - A set of environment properties (hostname, time of day, etc.)
        Returns:
        decision Return true if the subject's action on the object given the environment is authorized.

      • evaluate

        java.util.Set<Decision> evaluate​(java.util.Set<java.util.Map<java.lang.String,​java.lang.String>> resources,
                                 javax.security.auth.Subject subject,
                                 java.util.Set<java.lang.String> actions,
                                 java.util.Set<Attribute> environment)
        Make a multiple resource determination by evaluating each action for each resource.
        Parameters:
        resources - resource set
        subject - subject
        actions - action set
        environment - environment
        Returns:
        decisions for each resource+action pair