public class DataRolePolicyDecider extends Object implements PolicyDecider
Constructor and Description |
---|
DataRolePolicyDecider() |
Modifier and Type | Method and Description |
---|---|
Set<String> |
getInaccessibleResources(DataPolicy.PermissionType action,
Set<String> resources,
DataPolicy.Context context,
CommandContext commandContext)
Returns the set of resources not allowed to be accessed by the current user.
|
boolean |
hasRole(String roleName,
CommandContext context)
Called by the system hasRole function to determine role membership.
|
boolean |
isTempAccessible(DataPolicy.PermissionType action,
String resource,
DataPolicy.Context context,
CommandContext commandContext)
Checks if the given temp table is accessible.
|
void |
setAllowCreateTemporaryTablesByDefault(boolean allowCreateTemporaryTablesByDefault) |
void |
setAllowFunctionCallsByDefault(boolean allowFunctionCallsDefault) |
boolean |
validateCommand(CommandContext commandContext)
Determines if an authorization check should proceed
|
public Set<String> getInaccessibleResources(DataPolicy.PermissionType action, Set<String> resources, DataPolicy.Context context, CommandContext commandContext)
PolicyDecider
getInaccessibleResources
in interface PolicyDecider
context
- in which the action is performed.
For example you can have a context of DataPolicy.Context.UPDATE
for a DataPolicy.PermissionType.READ
for columns used in an UPDATE condition.public boolean hasRole(String roleName, CommandContext context)
PolicyDecider
hasRole
in interface PolicyDecider
public boolean isTempAccessible(DataPolicy.PermissionType action, String resource, DataPolicy.Context context, CommandContext commandContext)
PolicyDecider
isTempAccessible
in interface PolicyDecider
context
- in which the action is performed.
For example you can have a context of DataPolicy.Context.UPDATE
for a DataPolicy.PermissionType.READ
for columns used in an UPDATE condition.public void setAllowCreateTemporaryTablesByDefault(boolean allowCreateTemporaryTablesByDefault)
public void setAllowFunctionCallsByDefault(boolean allowFunctionCallsDefault)
public boolean validateCommand(CommandContext commandContext)
PolicyDecider
validateCommand
in interface PolicyDecider
Copyright © 2018 JBoss by Red Hat. All rights reserved.