Interface Authorizable
- All Known Subinterfaces:
ComponentAuthorizable
public interface Authorizable
-
Method Summary
Modifier and TypeMethodDescriptiondefault void
authorize
(Authorizer authorizer, RequestAction action, NiFiUser user) Authorizes the current user for the specified action on the specified resource.default void
authorize
(Authorizer authorizer, RequestAction action, NiFiUser user, Map<String, String> resourceContext) Authorizes the current user for the specified action on the specified resource.default AuthorizationResult
checkAuthorization
(Authorizer authorizer, RequestAction action, NiFiUser user) Returns the result of an authorization request for the specified user for the specified action on the specified resource.default AuthorizationResult
checkAuthorization
(Authorizer authorizer, RequestAction action, NiFiUser user, Map<String, String> resourceContext) Returns the result of an authorization request for the specified user for the specified action on the specified resource.The parent for this Authorizable.default Resource
The originally requested resource for this Authorizable.The Resource for this Authorizable.default boolean
isAuthorized
(Authorizer authorizer, RequestAction action, NiFiUser user) Returns whether the current user is authorized for the specified action on the specified resource.
-
Method Details
-
getParentAuthorizable
Authorizable getParentAuthorizable()The parent for this Authorizable. May be null.- Returns:
- the parent authorizable or null
-
getResource
Resource getResource()The Resource for this Authorizable.- Returns:
- the resource
-
getRequestedResource
The originally requested resource for this Authorizable. Because policies are inherited, if a resource does not have a policy, this Authorizable may represent a parent resource and this method will return the originally requested resource.- Returns:
- the originally requested resource
-
isAuthorized
Returns whether the current user is authorized for the specified action on the specified resource. This method does not imply the user is directly attempting to access the specified resource. If the user is attempting a direct access use Authorizable.authorize().- Parameters:
authorizer
- authorizeraction
- action- Returns:
- is authorized
-
checkAuthorization
default AuthorizationResult checkAuthorization(Authorizer authorizer, RequestAction action, NiFiUser user, Map<String, String> resourceContext) Returns the result of an authorization request for the specified user for the specified action on the specified resource. This method does not imply the user is directly attempting to access the specified resource. If the user is attempting a direct access use Authorizable.authorize().- Parameters:
authorizer
- authorizeraction
- actionuser
- user- Returns:
- is authorized
-
checkAuthorization
default AuthorizationResult checkAuthorization(Authorizer authorizer, RequestAction action, NiFiUser user) Returns the result of an authorization request for the specified user for the specified action on the specified resource. This method does not imply the user is directly attempting to access the specified resource. If the user is attempting a direct access use Authorizable.authorize().- Parameters:
authorizer
- authorizeraction
- actionuser
- user- Returns:
- is authorized
-
authorize
default void authorize(Authorizer authorizer, RequestAction action, NiFiUser user, Map<String, String> resourceContext) throws AccessDeniedExceptionAuthorizes the current user for the specified action on the specified resource. This method does imply the user is directly accessing the specified resource.- Parameters:
authorizer
- authorizeraction
- actionuser
- userresourceContext
- resource context- Throws:
AccessDeniedException
-
authorize
default void authorize(Authorizer authorizer, RequestAction action, NiFiUser user) throws AccessDeniedException Authorizes the current user for the specified action on the specified resource. This method does imply the user is directly accessing the specified resource.- Parameters:
authorizer
- authorizeraction
- actionuser
- user- Throws:
AccessDeniedException
-