Package org.apache.nifi.authorization
Class AuthorizationRequest
java.lang.Object
org.apache.nifi.authorization.AuthorizationRequest
Represents an authorization request for a given user/entity performing an action against a resource within some userContext.
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic final class
AuthorizationRequest builder. -
Field Summary
Modifier and TypeFieldDescriptionprivate final RequestAction
static final String
private final String
private final boolean
private final boolean
private final Resource
private final Resource
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionThe action being taken against the Resource.A supplier for the explanation if access is denied.The groups the user making this request belongs to.The identity accessing the Resource.The original Resource being requested.The Resource being authorized.The event attributes to make additional access decisions for provenance events.The userContext of the user request to make additional access decisions.boolean
Whether this is a direct access attempt of the Resource if if it's being checked as part of another response.boolean
Whether the entity accessing is anonymous.
-
Field Details
-
DEFAULT_EXPLANATION
- See Also:
-
resource
-
requestedResource
-
identity
-
groups
-
action
-
isAccessAttempt
private final boolean isAccessAttempt -
isAnonymous
private final boolean isAnonymous -
userContext
-
resourceContext
-
explanationSupplier
-
-
Constructor Details
-
AuthorizationRequest
-
-
Method Details
-
getResource
The Resource being authorized. Not null.- Returns:
- The resource
-
getRequestedResource
The original Resource being requested. In cases with inherited policies, this will be a ancestor resource of of the current resource. The initial request, and cases without inheritance, the requested resource will be the same as the current resource.- Returns:
- The requested resource
-
getIdentity
The identity accessing the Resource. May be null if the user could not authenticate.- Returns:
- The identity
-
getGroups
The groups the user making this request belongs to. May be null if this NiFi is not configured to load user groups or empty if the user has no groups- Returns:
- The groups
-
isAccessAttempt
public boolean isAccessAttempt()Whether this is a direct access attempt of the Resource if if it's being checked as part of another response.- Returns:
- if this is a direct access attempt
-
isAnonymous
public boolean isAnonymous()Whether the entity accessing is anonymous.- Returns:
- whether the entity is anonymous
-
getAction
The action being taken against the Resource. Not null.- Returns:
- The action
-
getUserContext
The userContext of the user request to make additional access decisions. May be null.- Returns:
- The userContext of the user request
-
getResourceContext
The event attributes to make additional access decisions for provenance events. May be null.- Returns:
- The event attributes
-
getExplanationSupplier
A supplier for the explanation if access is denied. Non null.- Returns:
- The explanation supplier if access is denied
-