AuthorizationService (nakadi-plugin-api 3.1.3 API)

```
public interface AuthorizationService
```

Nested Class Summary

Nested Classes
Modifier and Type Interface and Description

static class AuthorizationService.Operation

Nested Classes
Modifier and Type	Interface and Description
`static class`	`AuthorizationService.Operation`

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`java.util.List<Resource>`	`filter(java.util.List<Resource> input)` Filters a list of resources based on authorization rules.
`java.util.Optional<Subject>`	`getSubject()` Get the subject from the request made to the server.
`boolean`	`isAuthorizationAttributeValid(AuthorizationAttribute attribute)` Check whether an attribute is valid.
`boolean`	`isAuthorized(AuthorizationService.Operation operation, Resource resource)` Check whether a caller, represented by a token, is authorized to perform an operation on a resource.

- Method Detail
  - isAuthorized
```
boolean isAuthorized(AuthorizationService.Operation operation,
                     Resource resource)
              throws PluginException
```
    Check whether a caller, represented by a token, is authorized to perform an operation on a resource. Notice that the subject is not an explicit parameter of this method call. That's because this method expects the subject to be accessible in the context, as done in org.springframework.security.core.context.SecurityContextHolder
    
    Parameters:
    
    operation - the operation (read, write, admin) to authorize
    
    resource - the resource that the subject wants to perform an operation on
    
    Returns:
    
    true if the subject, is authorized to perform the operation on the resource
    
    Throws:
    
    PluginException - if an error occurred during execution
  - isAuthorizationAttributeValid
```
boolean isAuthorizationAttributeValid(AuthorizationAttribute attribute)
                               throws PluginException
```
    Check whether an attribute is valid. Example: Take an attribute with key 'username' and value 'nakadi'. A plugin implementing this method could check that (a) 'username' is an accepted key, and (b) 'nakadi' is a username that exists and is active.
    
    Parameters:
    
    attribute - the attribute to validate
    
    Returns:
    
    true if the attribute is valid
    
    Throws:
    
    PluginException - if an error occurred during execution
  - filter
```
java.util.List<Resource> filter(java.util.List<Resource> input)
                         throws PluginException
```
    Filters a list of resources based on authorization rules. For example, if a user is only able to see the event types for which he has some permissions, this method will take the list of all event types, and return only those that the caller can see.
    
    Parameters:
    
    input - the list to filter
    
    Returns:
    
    a filtered list
    
    Throws:
    
    PluginException - if an error occurred during execution
  - getSubject
```
java.util.Optional<Subject> getSubject()
                                throws PluginException
```
    Get the subject from the request made to the server.
    
    Returns:
    
    returns the 'Subject' who made the request. The name of the Subject can be then obtained from the object.
    
    Throws:
    
    PluginException - if an error occurred during execution

Interface AuthorizationService

Nested Class Summary

Method Summary

Method Detail

isAuthorized

isAuthorizationAttributeValid

filter

getSubject