public interface PolicyDecider
Modifier and Type | Method and Description |
---|---|
Set<String> |
getInaccessibleResources(DataPolicy.PermissionType action,
Set<String> resources,
DataPolicy.Context context,
CommandContext commandContext)
Returns the set of resources not allowed to be accessed by the current user.
|
boolean |
hasRole(String roleName,
CommandContext context)
Called by the system hasRole function to determine role membership.
|
boolean |
isTempAccessible(DataPolicy.PermissionType action,
String resource,
DataPolicy.Context context,
CommandContext commandContext)
Checks if the given temp table is accessible.
|
boolean |
validateCommand(CommandContext commandContext)
Determines if an authorization check should proceed
|
boolean hasRole(String roleName, CommandContext context)
roleName
- context
- Set<String> getInaccessibleResources(DataPolicy.PermissionType action, Set<String> resources, DataPolicy.Context context, CommandContext commandContext)
action
- resources
- context
- in which the action is performed.
For example you can have a context of DataPolicy.Context.UPDATE
for a DataPolicy.PermissionType.READ
for columns used in an UPDATE condition.commandContext
- boolean isTempAccessible(DataPolicy.PermissionType action, String resource, DataPolicy.Context context, CommandContext commandContext)
action
- resource
- context
- in which the action is performed.
For example you can have a context of DataPolicy.Context.UPDATE
for a DataPolicy.PermissionType.READ
for columns used in an UPDATE condition.commandContext
- boolean validateCommand(CommandContext commandContext)
commandContext
- Copyright © 2017 JBoss by Red Hat. All rights reserved.