Uses of Interface
com.evolveum.midpoint.security.enforcer.api.AbstractAuthorizationParameters
-
Uses of AbstractAuthorizationParameters in com.evolveum.midpoint.security.enforcer.api
Modifier and TypeClassDescriptionclass
AuthorizationParameters<O extends ObjectType,
T extends ObjectType> Object-related authorization parameters.class
ValueAuthorizationParameters<V extends PrismValue>
Authorization parameters for sub-object operations.Modifier and TypeMethodDescriptiondefault void
SecurityEnforcer.authorize
(@NotNull String operationUrl, @Nullable AuthorizationPhaseType phase, @NotNull AbstractAuthorizationParameters params, @NotNull SecurityEnforcer.Options options, @NotNull Task task, @NotNull OperationResult result) Evaluates authorization: simply returns if the currently logged it user is authorized for a specified action.default void
SecurityEnforcer.authorize
(@NotNull String operationUrl, @Nullable AuthorizationPhaseType phase, @NotNull AbstractAuthorizationParameters params, @NotNull Task task, @NotNull OperationResult result) Convenience variant ofSecurityEnforcer.authorize(String, AuthorizationPhaseType, AbstractAuthorizationParameters, Options, Task, OperationResult)
with the default options.@NotNull AccessDecision
SecurityEnforcer.decideAccess
(@Nullable MidPointPrincipal principal, @NotNull String operationUrl, @Nullable AuthorizationPhaseType phase, @NotNull AbstractAuthorizationParameters params, @NotNull SecurityEnforcer.Options options, @NotNull Task task, @NotNull OperationResult result) General access-decision method.void
SecurityEnforcer.failAuthorization
(String operationUrl, AuthorizationPhaseType phase, AbstractAuthorizationParameters params, OperationResult result) Produces authorization error with proper message and logs it using proper logger.default boolean
SecurityEnforcer.isAuthorized
(@NotNull String operationUrl, @Nullable AuthorizationPhaseType phase, @NotNull AbstractAuthorizationParameters params, @NotNull SecurityEnforcer.Options options, @NotNull Task task, @NotNull OperationResult result) Returns `true` if the currently logged-in user is authorized for specified action (represented by `operationUrl`), returns `false` otherwise.