org.casbin.jcasbin.main

Class Enforcer

java.lang.Object

org.casbin.jcasbin.main.CoreEnforcer

org.casbin.jcasbin.main.ManagementEnforcer

org.casbin.jcasbin.main.Enforcer

Direct Known Subclasses:

SyncedEnforcer

public class Enforcer
extends ManagementEnforcer

Enforcer = ManagementEnforcer + RBAC API.

Constructor Summary

Constructors

Constructor and Description
Enforcer() Enforcer is the default constructor.
Enforcer(Model m) Enforcer initializes an enforcer with a model.
Enforcer(Model m, Adapter adapter) Enforcer initializes an enforcer with a model and a database adapter.
Enforcer(Model m, Adapter adapter, boolean enableLog) Enforcer initializes an enforcer with a model, a database adapter and an enable log flag.
Enforcer(java.lang.String modelPath) Enforcer initializes an enforcer with a model file.
Enforcer(java.lang.String modelPath, Adapter adapter) Enforcer initializes an enforcer with a database adapter.
Enforcer(java.lang.String modelPath, java.lang.String policyFile) Enforcer initializes an enforcer with a model file and a policy file.
Enforcer(java.lang.String modelPath, java.lang.String policyFile, boolean enableLog) Enforcer initializes an enforcer with a model file, a policy file and an enable log flag.

Method Summary

Modifier and Type	Method and Description
boolean	addPermissionForUser(java.lang.String user, java.util.List<java.lang.String> permission) addPermissionForUser adds a permission for a user or role.
boolean	addPermissionForUser(java.lang.String user, java.lang.String... permission) addPermissionForUser adds a permission for a user or role.
boolean	addRoleForUser(java.lang.String user, java.lang.String role) addRoleForUser adds a role for a user.
boolean	addRoleForUserInDomain(java.lang.String user, java.lang.String role, java.lang.String domain) addRoleForUserInDomain adds a role for a user inside a domain.
java.util.List<java.lang.Boolean>	batchEnforce(java.util.List<java.util.List<java.lang.String>> rules) BatchEnforce enforce in batches
java.util.List<java.lang.Boolean>	batchEnforceWithMatcher(java.lang.String matcher, java.util.List<java.util.List<java.lang.String>> rules) batchEnforceWithMatcher enforce with matcher in batches
void	buildIncrementalRoleLinks(Model.PolicyOperations op, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules) buildIncrementalRoleLinks provides incremental build the role inheritance relations.
boolean	deletePermission(java.util.List<java.lang.String> permission) deletePermission deletes a permission.
boolean	deletePermission(java.lang.String... permission) deletePermission deletes a permission.
boolean	deletePermissionForUser(java.lang.String user, java.util.List<java.lang.String> permission) deletePermissionForUser deletes a permission for a user or role.
boolean	deletePermissionForUser(java.lang.String user, java.lang.String... permission) deletePermissionForUser deletes a permission for a user or role.
boolean	deletePermissionsForUser(java.lang.String user) deletePermissionsForUser deletes permissions for a user or role.
void	deleteRole(java.lang.String role) deleteRole deletes a role.
boolean	deleteRoleForUser(java.lang.String user, java.lang.String role) deleteRoleForUser deletes a role for a user.
boolean	deleteRoleForUserInDomain(java.lang.String user, java.lang.String role, java.lang.String domain) deleteRoleForUserInDomain deletes a role for a user inside a domain.
boolean	deleteRolesForUser(java.lang.String user) deleteRolesForUser deletes all roles for a user.
boolean	deleteUser(java.lang.String user) deleteUser deletes a user.
java.util.List<java.util.List<java.lang.String>>	getImplicitPermissionsForUser(java.lang.String user, java.lang.String... domain) getImplicitPermissionsForUser gets implicit permissions for a user or role.
java.util.List<java.util.List<java.lang.String>>	getImplicitPermissionsForUserInDomain(java.lang.String user, java.lang.String domain) getImplicitPermissionsForUserInDomain gets implicit permissions for a user or role in domain.
java.util.List<java.lang.String>	getImplicitRolesForUser(java.lang.String name, java.lang.String... domain) getImplicitRolesForUser gets implicit roles that a user has.
java.util.List<java.lang.String>	getImplicitUsersForRole(java.lang.String name, java.lang.String... domain) getImplicitUsersForRole gets implicit users for a role.
java.util.List<java.util.List<java.lang.String>>	getNamedImplicitPermissionsForUser(java.lang.String pType, java.lang.String user, java.lang.String... domain) GetNamedImplicitPermissionsForUser gets implicit permissions for a user or role by named policy.
java.util.List<java.util.List<java.lang.String>>	getPermissionsForUser(java.lang.String user, java.lang.String... domain) getPermissionsForUser gets permissions for a user or role.
java.util.List<java.util.List<java.lang.String>>	getPermissionsForUserInDomain(java.lang.String user, java.lang.String domain) getPermissionsForUserInDomain gets permissions for a user or role inside a domain.
java.util.List<java.lang.String>	getRolesForUser(java.lang.String name) getRolesForUser gets the roles that a user has.
java.util.List<java.lang.String>	getRolesForUserInDomain(java.lang.String name, java.lang.String domain) getRolesForUserInDomain gets the roles that a user has inside a domain.
java.util.List<java.lang.String>	getUsersForRole(java.lang.String name) getUsersForRole gets the users that have a role.
java.util.List<java.lang.String>	getUsersForRoleInDomain(java.lang.String name, java.lang.String domain) getUsersForRoleInDomain gets the users that a role has inside a domain.
boolean	hasPermissionForUser(java.lang.String user, java.util.List<java.lang.String> permission) hasPermissionForUser determines whether a user has a permission.
boolean	hasPermissionForUser(java.lang.String user, java.lang.String... permission) hasPermissionForUser determines whether a user has a permission.
boolean	hasRoleForUser(java.lang.String name, java.lang.String role) hasRoleForUser determines whether a user has a role.
boolean	updatePermissionForUser(java.lang.String user, java.util.List<java.lang.String> oldPermission, java.util.List<java.lang.String> newPermission) updatePermissionForUser updates a permission for a user or role.

Methods inherited from class org.casbin.jcasbin.main.ManagementEnforcer

addFunction, addGroupingPolicies, addGroupingPolicies, addGroupingPolicy, addGroupingPolicy, addNamedGroupingPolicies, addNamedGroupingPolicies, addNamedGroupingPolicy, addNamedGroupingPolicy, addNamedPolicies, addNamedPolicy, addNamedPolicy, addPolicies, addPolicies, addPolicy, addPolicy, getAllActions, getAllNamedActions, getAllNamedObjects, getAllNamedRoles, getAllNamedSubjects, getAllObjects, getAllRoles, getAllSubjects, getFilteredGroupingPolicy, getFilteredNamedGroupingPolicy, getFilteredNamedPolicy, getFilteredPolicy, getGroupingPolicy, getNamedGroupingPolicy, getNamedPolicy, getPermittedActions, getPolicy, hasGroupingPolicy, hasGroupingPolicy, hasNamedGroupingPolicy, hasNamedGroupingPolicy, hasNamedPolicy, hasNamedPolicy, hasPolicy, hasPolicy, removeFilteredGroupingPolicy, removeFilteredNamedGroupingPolicy, removeFilteredNamedPolicy, removeFilteredPolicy, removeGroupingPolicies, removeGroupingPolicies, removeGroupingPolicy, removeGroupingPolicy, removeNamedGroupingPolicies, removeNamedGroupingPolicies, removeNamedGroupingPolicy, removeNamedGroupingPolicy, removeNamedPolicies, removeNamedPolicy, removeNamedPolicy, removePolicies, removePolicies, removePolicy, removePolicy, updateGroupingPolicy, updateNamedGroupingPolicy, updateNamedPolicy, updatePolicy

Methods inherited from class org.casbin.jcasbin.main.CoreEnforcer

addNamedDomainLinkConditionFunc, addNamedDomainMatchingFunc, addNamedLinkConditionFunc, addNamedMatchingFunc, buildConditionalRoleLinks, buildRoleLinks, clearPolicy, enableAcceptJsonRequest, enableAutoBuildRoleLinks, enableAutoSave, enableEnforce, enableLog, enforce, enforceEx, enforceExWithMatcher, enforceWithMatcher, getAdapter, getAviatorEval, getModel, getNamedRoleManager, getRmMap, getRoleManager, isAutoNotifyDispatcher, isAutoNotifyWatcher, isFiltered, loadFilteredPolicy, loadModel, loadPolicy, mustUseDispatcher, newModel, newModel, newModel, resetExpressionEvaluator, savePolicy, setAdapter, setAutoNotifyDispatcher, setAutoNotifyWatcher, setAviatorEvaluator, setDispatcher, setEffector, setModel, setNamedDomainLinkConditionFuncParams, setNamedLinkConditionFuncParams, setNamedRoleManager, setRoleManager, setRoleManager, setWatcher, validateEnforce

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Enforcer

public Enforcer()

Enforcer is the default constructor.

Enforcer

public Enforcer(java.lang.String modelPath,
                java.lang.String policyFile)

Enforcer initializes an enforcer with a model file and a policy file.

Parameters:

modelPath - the path of the model file.

policyFile - the path of the policy file.

Enforcer

public Enforcer(java.lang.String modelPath,
                Adapter adapter)

Enforcer initializes an enforcer with a database adapter.

Parameters:

modelPath - the path of the model file.

adapter - the adapter.

Enforcer

public Enforcer(Model m,
                Adapter adapter)

Enforcer initializes an enforcer with a model and a database adapter.

Parameters:

m - the model.

adapter - the adapter.

Enforcer

public Enforcer(Model m,
                Adapter adapter,
                boolean enableLog)

Enforcer initializes an enforcer with a model, a database adapter and an enable log flag.

Parameters:

m - the model.

adapter - the adapter.

enableLog - whether to enable Casbin's log.

Enforcer

public Enforcer(Model m)

Enforcer initializes an enforcer with a model.

Parameters:

m - the model.

Enforcer

public Enforcer(java.lang.String modelPath)

Enforcer initializes an enforcer with a model file.

Parameters:

modelPath - the path of the model file.

Enforcer

public Enforcer(java.lang.String modelPath,
                java.lang.String policyFile,
                boolean enableLog)

Enforcer initializes an enforcer with a model file, a policy file and an enable log flag.

Parameters:

modelPath - the path of the model file.

policyFile - the path of the policy file.

enableLog - whether to enable Casbin's log.

Method Detail

getRolesForUser

public java.util.List<java.lang.String> getRolesForUser(java.lang.String name)

getRolesForUser gets the roles that a user has.

Parameters:

name - the user.

Returns:

the roles that the user has.

getUsersForRole

public java.util.List<java.lang.String> getUsersForRole(java.lang.String name)

getUsersForRole gets the users that have a role.

Parameters:

name - the role.

Returns:

the users that has the role.

hasRoleForUser

public boolean hasRoleForUser(java.lang.String name,
                              java.lang.String role)

hasRoleForUser determines whether a user has a role.

Parameters:

name - the user.

role - the role.

Returns:

whether the user has the role.

addRoleForUser

public boolean addRoleForUser(java.lang.String user,
                              java.lang.String role)

addRoleForUser adds a role for a user. Returns false if the user already has the role (aka not affected).

Parameters:

user - the user.

role - the role.

Returns:

succeeds or not.

deleteRoleForUser

public boolean deleteRoleForUser(java.lang.String user,
                                 java.lang.String role)

deleteRoleForUser deletes a role for a user. Returns false if the user does not have the role (aka not affected).

Parameters:

user - the user.

role - the role.

Returns:

succeeds or not.

deleteRolesForUser

public boolean deleteRolesForUser(java.lang.String user)

deleteRolesForUser deletes all roles for a user. Returns false if the user does not have any roles (aka not affected).

Parameters:

user - the user.

Returns:

succeeds or not.

deleteUser

public boolean deleteUser(java.lang.String user)

deleteUser deletes a user. Returns false if the user does not exist (aka not affected).

Parameters:

user - the user.

Returns:

succeeds or not.

deleteRole

public void deleteRole(java.lang.String role)

deleteRole deletes a role.

Parameters:

role - the role.

deletePermission

public boolean deletePermission(java.lang.String... permission)

deletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).

Parameters:

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

deletePermission

public boolean deletePermission(java.util.List<java.lang.String> permission)

deletePermission deletes a permission. Returns false if the permission does not exist (aka not affected).

Parameters:

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

addPermissionForUser

public boolean addPermissionForUser(java.lang.String user,
                                    java.lang.String... permission)

addPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

updatePermissionForUser

public boolean updatePermissionForUser(java.lang.String user,
                                       java.util.List<java.lang.String> oldPermission,
                                       java.util.List<java.lang.String> newPermission)

updatePermissionForUser updates a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).

Parameters:

user - the user.

oldPermission - the old permission.

newPermission - the new permission.

Returns:

succeeds or not.

addPermissionForUser

public boolean addPermissionForUser(java.lang.String user,
                                    java.util.List<java.lang.String> permission)

addPermissionForUser adds a permission for a user or role. Returns false if the user or role already has the permission (aka not affected).

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

deletePermissionForUser

public boolean deletePermissionForUser(java.lang.String user,
                                       java.lang.String... permission)

deletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

deletePermissionForUser

public boolean deletePermissionForUser(java.lang.String user,
                                       java.util.List<java.lang.String> permission)

deletePermissionForUser deletes a permission for a user or role. Returns false if the user or role does not have the permission (aka not affected).

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

succeeds or not.

deletePermissionsForUser

public boolean deletePermissionsForUser(java.lang.String user)

deletePermissionsForUser deletes permissions for a user or role. Returns false if the user or role does not have any permissions (aka not affected).

Parameters:

user - the user.

Returns:

succeeds or not.

getPermissionsForUser

public java.util.List<java.util.List<java.lang.String>> getPermissionsForUser(java.lang.String user,
                                                                              java.lang.String... domain)

getPermissionsForUser gets permissions for a user or role.

Parameters:

user - the user.

domain - domain.

Returns:

the permissions, a permission is usually like (obj, act). It is actually the rule without the subject.

hasPermissionForUser

public boolean hasPermissionForUser(java.lang.String user,
                                    java.lang.String... permission)

hasPermissionForUser determines whether a user has a permission.

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

whether the user has the permission.

hasPermissionForUser

public boolean hasPermissionForUser(java.lang.String user,
                                    java.util.List<java.lang.String> permission)

hasPermissionForUser determines whether a user has a permission.

Parameters:

user - the user.

permission - the permission, usually be (obj, act). It is actually the rule without the subject.

Returns:

whether the user has the permission.

getUsersForRoleInDomain

public java.util.List<java.lang.String> getUsersForRoleInDomain(java.lang.String name,
                                                                java.lang.String domain)

getUsersForRoleInDomain gets the users that a role has inside a domain.

Parameters:

name - the role.

domain - the domain.

Returns:

the users that the role has in the domain.

getRolesForUserInDomain

public java.util.List<java.lang.String> getRolesForUserInDomain(java.lang.String name,
                                                                java.lang.String domain)

getRolesForUserInDomain gets the roles that a user has inside a domain.

Parameters:

name - the user.

domain - the domain.

Returns:

the roles that the user has in the domain.

getPermissionsForUserInDomain

public java.util.List<java.util.List<java.lang.String>> getPermissionsForUserInDomain(java.lang.String user,
                                                                                      java.lang.String domain)

getPermissionsForUserInDomain gets permissions for a user or role inside a domain.

Parameters:

user - the user.

domain - the domain.

Returns:

the permissions, a permission is usually like (obj, act). It is actually the rule without the subject.

addRoleForUserInDomain

public boolean addRoleForUserInDomain(java.lang.String user,
                                      java.lang.String role,
                                      java.lang.String domain)

addRoleForUserInDomain adds a role for a user inside a domain. Returns false if the user already has the role (aka not affected).

Parameters:

user - the user.

role - the role.

domain - the domain.

Returns:

succeeds or not.

deleteRoleForUserInDomain

public boolean deleteRoleForUserInDomain(java.lang.String user,
                                         java.lang.String role,
                                         java.lang.String domain)

deleteRoleForUserInDomain deletes a role for a user inside a domain. Returns false if the user does not have the role (aka not affected).

Parameters:

user - the user.

role - the role.

domain - the domain.

Returns:

succeeds or not.

getImplicitRolesForUser

public java.util.List<java.lang.String> getImplicitRolesForUser(java.lang.String name,
                                                                java.lang.String... domain)

getImplicitRolesForUser gets implicit roles that a user has. Compared to getRolesForUser(), this function retrieves indirect roles besides direct roles. For example: g, alice, role:admin g, role:admin, role:user

getRolesForUser("alice") can only get: ["role:admin"]. But getImplicitRolesForUser("alice") will get: ["role:admin", "role:user"].

Parameters:

name - the user.

domain - the user's domain.

Returns:

implicit roles that a user has.

getImplicitUsersForRole

public java.util.List<java.lang.String> getImplicitUsersForRole(java.lang.String name,
                                                                java.lang.String... domain)

getImplicitUsersForRole gets implicit users for a role.

Parameters:

name - the role.

domain - the role's domain.

Returns:

implicit users that a role has.

getImplicitPermissionsForUser

public java.util.List<java.util.List<java.lang.String>> getImplicitPermissionsForUser(java.lang.String user,
                                                                                      java.lang.String... domain)

getImplicitPermissionsForUser gets implicit permissions for a user or role. Compared to getPermissionsForUser(), this function retrieves permissions for inherited roles. For example: p, admin, data1, read p, alice, data2, read g, alice, admin

getPermissionsForUser("alice") can only get: [["alice", "data2", "read"]]. But getImplicitPermissionsForUser("alice") will get: [["admin", "data1", "read"], ["alice", "data2", "read"]].

Parameters:

user - the user.

domain - the user's domain.

Returns:

implicit permissions for a user or role.

getNamedImplicitPermissionsForUser

public java.util.List<java.util.List<java.lang.String>> getNamedImplicitPermissionsForUser(java.lang.String pType,
                                                                                           java.lang.String user,
                                                                                           java.lang.String... domain)

GetNamedImplicitPermissionsForUser gets implicit permissions for a user or role by named policy. Compared to GetNamedPermissionsForUser(), this function retrieves permissions for inherited roles. For example: p, admin, data1, read p2, admin, create g, alice, admin

GetImplicitPermissionsForUser("alice") can only get: [["admin", "data1", "read"]], whose policy is default policy "p". But you can specify the named policy "p2" to get: [["admin", "create"]] by GetNamedImplicitPermissionsForUser("p2","alice").

Parameters:

pType - the name policy.

user - the user.

domain - the user's domain.

Returns:

implicit permissions for a user or role by named policy.

getImplicitPermissionsForUserInDomain

public java.util.List<java.util.List<java.lang.String>> getImplicitPermissionsForUserInDomain(java.lang.String user,
                                                                                              java.lang.String domain)

getImplicitPermissionsForUserInDomain gets implicit permissions for a user or role in domain.

Parameters:

user - the user.

domain - the domain.

Returns:

implicit permissions for a user or role in domain.

batchEnforce

public java.util.List<java.lang.Boolean> batchEnforce(java.util.List<java.util.List<java.lang.String>> rules)

BatchEnforce enforce in batches

Parameters:

rules - the rules.

Returns:

the results

batchEnforceWithMatcher

public java.util.List<java.lang.Boolean> batchEnforceWithMatcher(java.lang.String matcher,
                                                                 java.util.List<java.util.List<java.lang.String>> rules)

batchEnforceWithMatcher enforce with matcher in batches

Parameters:

matcher - the custom matcher.

rules - the rules.

Returns:

the results

buildIncrementalRoleLinks

public void buildIncrementalRoleLinks(Model.PolicyOperations op,
                                      java.lang.String ptype,
                                      java.util.List<java.util.List<java.lang.String>> rules)

buildIncrementalRoleLinks provides incremental build the role inheritance relations.

Parameters:

op - Policy operations.

ptype - policy type.

rules - the rules.