Package com.evolveum.midpoint.security.enforcer.api
package com.evolveum.midpoint.security.enforcer.api
-
ClassDescriptionParameters describing the details of the situation we want to check authorization for.Object-related authorization parameters.FilterGizmo<F>Gizmo (device,gadget,thing) that handles search filters and other filter-like things during security processing of search filters.Compiled security constraints for a given prism value (usually containerable) and operation, at the granularity of individual contained items.Extracted relevant security constraints related to given object.Supports "intelligent" specification of a set of item paths formed by three kinds of primitives: - "include all items" (corresponds to an authorization with neither `item` nor `exceptItem` values) - "include specified items (plus children)" (corresponds to an authorization with `item` values) - "include all items except for specified items (plus children)" (corresponds to an authorization with `exceptItem` values) This object is gradually built by calling
PositiveNegativeItemPaths.collectItemPaths(Collection, Collection)method providing increments to `item` and `exceptItem` sets.Compiled security constraints for a given operation and phase applicable to a prism entity (ItemorPrismValue).Compiled constraints related to anItem; they describe access to their values.Compiled constraints related to aPrismValue; they describe access to contained sub-items.Answers questions about authorizations, for example whether a user is authorized to do something.A sink for authorization/selector evaluation messages.ValueAuthorizationParameters<V extends PrismValue>Authorization parameters for sub-object operations.