Package com.vaadin.flow.server.auth

Class NavigationContext

java.lang.Object
com.vaadin.flow.server.auth.NavigationContext
public final class NavigationContext extends Object
Context information for a navigation request.

The navigation context is responsible for providing details about the current navigation, such as the navigation target, the location and the current user, and to allow NavigationAccessChecker to create a representation of their decisions.

A NavigationAccessChecker should use allow(), neutral(), deny(String) and reject(String) methods to create a result in NavigationAccessChecker.check(NavigationContext) implementation.

  • allow() created a result whose meaning is that the access to a view is granted.
  • neutral() means that the access checker is not able to determine if the current navigation should be allowed or not.
  • deny(String) is used to create a response that will prevent the navigation to the target view. The given reason should provide details that will help to debug access control issues.
  • reject(String) denies the access to the target view, but should be used to indicate mistakes in security configuration that do not allow the navigation checker to take a decision; for example, a configuration where the path /my/view is public, but /my/* is protected.

  • Constructor Details

    • NavigationContext

      public NavigationContext(Router router, Class<?> navigationTarget, Location location, RouteParameters parameters, Principal principal, Predicate<String> roleChecker, boolean errorHandling)
      Creates a new navigation context instance.
      Parameters:
      router - the router that triggered the change, not null
      navigationTarget - navigation target class, not null
      location - the requested location, not null
      parameters - route parameters, not null
      principal - the principal of the user
      roleChecker - a function that can answer if a user has a given role
      errorHandling - true if the current navigation is related to an error handling phase, false for a regular navigation to a target view

    • NavigationContext

      public NavigationContext(BeforeEnterEvent event, Principal principal, Predicate<String> roleChecker)
      Create a new navigation context instance based on a BeforeEnterEvent.
      Parameters:
      event - the event created before ongoing navigation happens.
      principal - the principal of the user
      roleChecker - a function that can answer if a user has a given role

  • Method Details

    • getRouter

      public Router getRouter()
      Gets the router that triggered the navigation change.
      Returns:
      router that triggered the navigation change, not null

    • getNavigationTarget

      public Class<?> getNavigationTarget()
      Gets the navigation target.

      In case of error handling, the navigation target refers to the HasErrorParameter component responsible to manage cope with the raised exception.

      Returns:
      navigation target, not null
      See Also:

    • getLocation

      public Location getLocation()
      Gets the requested location.

      Note that in case of error handling the location still references the initial request.

      Returns:
      the requested location, not null
      See Also:

    • getParameters

      public RouteParameters getParameters()
      Gets the route parameters associated with this event.
      Returns:
      route parameters retrieved from the navigation url, not null

    • getPrincipal

      public Principal getPrincipal()
      Gets the principal for the currently logged in user.
      Returns:
      a representation of the currently logged in user or null if no user is currently logged in

    • isErrorHandling

      public boolean isErrorHandling()
      Gets if current navigation change is related to error handling or if it is a regular navigation to a target view.
      Returns:
      true if the current navigation is related to an error handling phase, false for a regular navigation to a target view

    • hasRole

      public boolean hasRole(String role)
      Gets if the current user belongs the specified logical role.
      Parameters:
      role - a String specifying the name of the role
      Returns:
      true if the current user belongs to the given role, false otherwise

    • allow

      public AccessCheckResult allow()
      Create a result instance informing that the navigation to the target view is allowed for the current user.
      Returns:
      a AccessCheckDecision.ALLOW result instance.

    • neutral

      public AccessCheckResult neutral()
      Create a result instance informing that the checker cannot take a decision based on the given navigation information.
      Returns:
      a AccessCheckDecision.NEUTRAL result instance.

    • deny

      public AccessCheckResult deny(String reason)
      Create a result instance informing that the navigation to the target view is denied for the current user.
      Parameters:
      reason - a message explaining why the navigation has been denied. Useful for debugging purposes.
      Returns:
      a AccessCheckDecision.DENY result instance.

    • reject

      public AccessCheckResult reject(String reason)
      Create a result instance informing that the navigation to the target view is denied for the current user because of a misconfiguration or a critical development time error.
      Parameters:
      reason - a message explaining why the navigation has been denied and the critical issue encountered. Useful for debugging purposes.
      Returns:
      a AccessCheckDecision.REJECT result instance.