Packages

  • package root
    Definition Classes
    root
  • package little
    Definition Classes
    root
  • package security

    Defines security model based on permissions granted to effective context.

    Defines security model based on permissions granted to effective context.

    How It Works

    little-security is powered by a pair of traits: Permission and SecurityContext.

    A Permission is defined with a given name, and one or more permissions can be applied to a restricted operation.

    A SecurityContext establishes a pattern in which a restricted operation is performed only if its required permissions are granted. Otherwise, a SecurityViolation is raised.

    Security in Action

    The following script demonstrates how read/write access to an in-memory cache could be implemented.

    import little.security.{ Permission, SecurityContext, UserContext }

import scala.collection.concurrent.TrieMap

object SecureCache {
  // Define permissions for reading and writing cache entries
  private val getPermission = Permission("cache:get")
  private val putPermission = Permission("cache:put")

  private val cache = TrieMap[String, String](
    "gang starr"      -> "step in the arena",
    "digable planets" -> "blowout comb"
  )

  def get(key: String)(implicit security: SecurityContext): String =
    // Test for read permission before getting cache entry
    security(getPermission) { cache(key) }

  def put(key: String, value: String)(implicit security: SecurityContext): Unit =
    // Test for write permission before putting cache entry
    security(putPermission) { cache += key -> value }
}

// Create security context for user with read permission to cache
implicit val user = UserContext("losizm", "staff", Permission("cache:get"))

// Get cache entry
val classic = SecureCache.get("gang starr")

// Throw SecurityViolation because user lacks write permission
SecureCache.put("sucker mc", classic)
    Definition Classes
    little
  • GroupPermission
  • Permission
  • RootContext
  • SecurityContext
  • SecurityViolation
  • UserContext
  • UserPermission
t

little.security

SecurityContext

sealed trait SecurityContext extends AnyRef

Defines context in which permissions are granted.

Linear Supertypes
AnyRef, Any
Known Subclasses
RootContext, UserContext
Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecurityContext
  2. AnyRef
  3. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. All

Abstract Value Members

  1. abstract def test(perm: Permission): Boolean

    Tests whether given permission is granted.

    Tests whether given permission is granted.

    perm

    permission

    returns

    true if permission is granted; otherwise, false

Concrete Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##(): Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def all[T](one: Permission, more: Permission*)(op: ⇒ T): T

    Tests permissions before applying operation.

    Tests permissions before applying operation.

    If all supplied permissions are granted, the operation is applied; otherwise, SecurityViolation is thrown.

    one

    permission

    more

    additional permissions

    op

    operation

    returns

    value of operation

    Exceptions thrown

    SecurityViolation if all permissions are not granted

  5. def all[T](perms: Set[Permission])(op: ⇒ T): T

    Tests permissions before applying operation.

    Tests permissions before applying operation.

    If all supplied permissions are granted, the operation is applied; otherwise, SecurityViolation is thrown.

    perms

    permissions

    op

    operation

    returns

    value of operation

    Exceptions thrown

    SecurityViolation if all permissions are not granted

    Note

    The operation is authorized if perms is empty.

  6. def any[T](one: Permission, more: Permission*)(op: ⇒ T): T

    Tests permissions before applying operation.

    Tests permissions before applying operation.

    If any of supplied permissions is granted, the operation is applied; otherwise, SecurityViolation is thrown.

    one

    permission

    more

    additional permissions

    op

    operation

    returns

    value of operation

    Exceptions thrown

    SecurityViolation if no permission is granted

  7. def any[T](perms: Set[Permission])(op: ⇒ T): T

    Tests permissions before applying operation.

    Tests permissions before applying operation.

    If any of supplied permissions is granted, the operation is applied; otherwise, SecurityViolation is thrown.

    perms

    permissions

    op

    operation

    returns

    value of operation

    Exceptions thrown

    SecurityViolation if no permission is granted

    Note

    The operation is authorized if perms is empty.

  8. def apply[T](perm: Permission)(op: ⇒ T): T

    Tests permission before applying operation.

    Tests permission before applying operation.

    If supplied permission is granted, the operation is applied; otherwise, SecurityViolation is thrown.

    perm

    permission

    op

    operation

    returns

    value of operation

    Exceptions thrown

    SecurityViolation if permission is not granted

  9. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  10. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( ... ) @native()
  11. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  12. def equals(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  13. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws( classOf[java.lang.Throwable] )
  14. final def getClass(): Class[_]
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  15. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @native()
  16. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  17. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  18. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  19. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @native()
  20. final def synchronized[T0](arg0: ⇒ T0): T0
    Definition Classes
    AnyRef
  21. def toString(): String
    Definition Classes
    AnyRef → Any
  22. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  23. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... )
  24. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws( ... ) @native()

Inherited from AnyRef

Inherited from Any

Ungrouped