AccessPredicate (grpc-server-spring-boot-autoconfigure 2.15.0.RELEASE API)

All Superinterfaces:

BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
```
public interface AccessPredicate
extends BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
```
Predicate that can be used to check whether the given Authentication has access to the protected service/method. This interface assumes, that the user is authenticated before the method is called.

Nested Class Summary

Nested Classes
Modifier and Type Interface and Description

static interface AccessPredicate.SocketPredicate
Some helper methods used to create Predicates for SocketAddresses.

Nested Classes
Modifier and Type	Interface and Description
`static interface`	`AccessPredicate.SocketPredicate` Some helper methods used to create `Predicate`s for `SocketAddress`es.

Method Summary

All Methods Static Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method and Description
`default AccessPredicate`	`and(BiPredicate<? super Authentication,? super io.grpc.ServerCall<?,?>> other)`
`default AccessPredicate`	`and(Predicate<? super Authentication> other)` Combines this predicate with the given predicate using the `AND` operator.
`static AccessPredicate`	`authenticated()` All authenticated users can access the protected instance including anonymous users.
`static AccessPredicate`	`denyAll()` Nobody can access the protected instance.
`static AccessPredicate`	`fromClientAddress(Predicate<? super SocketAddress> remoteAddressCheck)` Checks that the client connected from the given address.
`static AccessPredicate`	`fullyAuthenticated()` All authenticated users can access the protected instance excluding anonymous users.
`static AccessPredicate`	`hasAllAuthorities(Collection<GrantedAuthority> roles)` Only those who have any of the given `GrantedAuthority` can access the protected instance.
`static AccessPredicate`	`hasAllAuthorities(GrantedAuthority... roles)` Only those who have all of the given `GrantedAuthority` can access the protected instance.
`static AccessPredicate`	`hasAllRoles(Collection<String> roles)` Only those who have all of the given roles can access the protected instance.
`static AccessPredicate`	`hasAllRoles(String... roles)` Only those who have all of the given roles can access the protected instance.
`static AccessPredicate`	`hasAnyAuthority(Collection<GrantedAuthority> roles)` Only those who have any of the given `GrantedAuthority` can access the protected instance.
`static AccessPredicate`	`hasAnyAuthority(GrantedAuthority... roles)` Only those who have any of the given `GrantedAuthority` can access the protected instance.
`static AccessPredicate`	`hasAnyRole(Collection<String> roles)` Only those who have any of the given roles can access the protected instance.
`static AccessPredicate`	`hasAnyRole(String... roles)` Only those who have any of the given roles can access the protected instance.
`static AccessPredicate`	`hasAuthority(GrantedAuthority role)` Only those who have the given `GrantedAuthority` can access the protected instance.
`static AccessPredicate`	`hasRole(String role)` Only those who have the given role can access the protected instance.
`default AccessPredicate`	`negate()`
`default AccessPredicate`	`or(BiPredicate<? super Authentication,? super io.grpc.ServerCall<?,?>> other)`
`default AccessPredicate`	`or(Predicate<? super Authentication> other)` Combines this predicate with the given predicate using the `OR` operator.
`static AccessPredicate`	`permitAll()` Special constant that symbolizes that everybody (including unauthenticated users) can access the instance (no protection).
`boolean`	`test(Authentication authentication, io.grpc.ServerCall<?,?> serverCall)` Checks whether the given user is authorized to execute the given call.
`static AccessPredicate`	`toServerAddress(Predicate<? super SocketAddress> localAddressCheck)` Checks that the client connected to the given server address.

- Method Detail
  - test
```
boolean test(Authentication authentication,
             io.grpc.ServerCall<?,?> serverCall)
```
    Checks whether the given user is authorized to execute the given call.
    
    Specified by:
    
    test in interface BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
    
    Parameters:
    
    authentication - The authentication to check.
    
    serverCall - The secure object being called.
    
    Returns:
    
    True, if the user has access. False otherwise.
  - negate
```
default AccessPredicate negate()
```
    Specified by:
    
    negate in interface BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
  - and
```
default AccessPredicate and(Predicate<? super Authentication> other)
```
    Combines this predicate with the given predicate using the AND operator.
    
    Parameters:
    
    other - The other predicate to call.
    
    Returns:
    
    The combined predicate.
  - and
```
default AccessPredicate and(BiPredicate<? super Authentication,? super io.grpc.ServerCall<?,?>> other)
```
    Specified by:
    
    and in interface BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
  - or
```
default AccessPredicate or(Predicate<? super Authentication> other)
```
    Combines this predicate with the given predicate using the OR operator.
    
    Parameters:
    
    other - The other predicate to call.
    
    Returns:
    
    The combined predicate.
  - or
```
default AccessPredicate or(BiPredicate<? super Authentication,? super io.grpc.ServerCall<?,?>> other)
```
    Specified by:
    
    or in interface BiPredicate<Authentication,io.grpc.ServerCall<?,?>>
  - permitAll
```
static AccessPredicate permitAll()
```
    Special constant that symbolizes that everybody (including unauthenticated users) can access the instance (no protection).
    Note: This is a special constant, that does not allow execution and mutation. It's sole purpose is to avoid ambiguity for null values. It should only be used in == comparisons.
    
    Returns:
    
    A special constant that symbolizes public access.
  - authenticated
```
static AccessPredicate authenticated()
```
    All authenticated users can access the protected instance including anonymous users.
    Note: The negation of this call is denyAll() and NOT all unauthenticated.
    
    Returns:
    
    A newly created AccessPredicate that always returns true.
  - fullyAuthenticated
```
static AccessPredicate fullyAuthenticated()
```
    All authenticated users can access the protected instance excluding anonymous users.
    
    Returns:
    
    A newly created AccessPredicate that checks whether the user is explicitly authenticated.
  - denyAll
```
static AccessPredicate denyAll()
```
    Nobody can access the protected instance.
    Note: The negation of this call is authenticated() and NOT permitAll().
    
    Returns:
    
    A newly created AccessPredicate that always returns false.
  - hasRole
```
static AccessPredicate hasRole(String role)
```
    Only those who have the given role can access the protected instance.
    
    Parameters:
    
    role - The role to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the name of the GrantedAuthoritys matches the given role name.
  - hasAuthority
```
static AccessPredicate hasAuthority(GrantedAuthority role)
```
    Only those who have the given GrantedAuthority can access the protected instance.
    
    Parameters:
    
    role - The role to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the GrantedAuthoritys matches the given role.
  - hasAnyRole
```
static AccessPredicate hasAnyRole(String... roles)
```
    Only those who have any of the given roles can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the name of the GrantedAuthoritys matches any of the given role names.
  - hasAnyRole
```
static AccessPredicate hasAnyRole(Collection<String> roles)
```
    Only those who have any of the given roles can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the name of the GrantedAuthoritys matches any of the given role names.
  - hasAnyAuthority
```
static AccessPredicate hasAnyAuthority(GrantedAuthority... roles)
```
    Only those who have any of the given GrantedAuthority can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the GrantedAuthoritys matches any of the given roles.
  - hasAnyAuthority
```
static AccessPredicate hasAnyAuthority(Collection<GrantedAuthority> roles)
```
    Only those who have any of the given GrantedAuthority can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the GrantedAuthoritys matches any of the given roles.
  - hasAllRoles
```
static AccessPredicate hasAllRoles(String... roles)
```
    Only those who have all of the given roles can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the name of the GrantedAuthoritys matches all of the given role names.
  - hasAllRoles
```
static AccessPredicate hasAllRoles(Collection<String> roles)
```
    Only those who have all of the given roles can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the name of the GrantedAuthoritys matches all of the given role names.
  - hasAllAuthorities
```
static AccessPredicate hasAllAuthorities(GrantedAuthority... roles)
```
    Only those who have all of the given GrantedAuthority can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the GrantedAuthoritys matches all of the given roles.
  - hasAllAuthorities
```
static AccessPredicate hasAllAuthorities(Collection<GrantedAuthority> roles)
```
    Only those who have any of the given GrantedAuthority can access the protected instance.
    
    Parameters:
    
    roles - The roles to check for.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the GrantedAuthoritys matches all of the given roles.
  - fromClientAddress
```
static AccessPredicate fromClientAddress(Predicate<? super SocketAddress> remoteAddressCheck)
```
    Checks that the client connected from the given address.
    
    Parameters:
    
    remoteAddressCheck - The check to apply to the client address.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the client address passes the given check.
    
    See Also:
    
    Grpc.TRANSPORT_ATTR_REMOTE_ADDR
  - toServerAddress
```
static AccessPredicate toServerAddress(Predicate<? super SocketAddress> localAddressCheck)
```
    Checks that the client connected to the given server address.
    
    Parameters:
    
    localAddressCheck - The check to apply to the server address.
    
    Returns:
    
    A newly created AccessPredicate that only returns true, if the server address passes the given check.
    
    See Also:
    
    Grpc.TRANSPORT_ATTR_LOCAL_ADDR

Interface AccessPredicate

Nested Class Summary

Method Summary

Method Detail

test

negate

and

and

or

or

permitAll

authenticated

fullyAuthenticated

denyAll

hasRole

hasAuthority

hasAnyRole

hasAnyRole

hasAnyAuthority

hasAnyAuthority

hasAllRoles

hasAllRoles

hasAllAuthorities

hasAllAuthorities

fromClientAddress

toServerAddress