Interface SecurityDomain

All Known Implementing Classes:
AbstractEntitySecurityDomain, AbstractSecurityDomain, ActionSecurityDomain, AdminMenuSecurityDomain, EntityPathSecurityDomain, EntitySecurityDomain, GuardCachingSecurityDomain, InfoboxSecurityDomain, ManagerSecurityDomain, ReportSecurityDomain

public interface SecurityDomain
Specifies a domain (usually based on the obejct type) for security. The domain is responsible for selecting objects (when reducing the policies), creating object indicators, resolving paths etc.
  • Method Details

    • aggregateSupportedObjects

      List<List<?>> aggregateSupportedObjects(List<?> securedObjects)
      This method should group all secured objects, which can be evaluated together in a ListGuard, and return a list of these groups. This means all objects in a sub-list must require the same policy, (every object in the list would select the same rules of a policy, see getSelectorFactory()). Secured objects that are not supported by this domain at all should not be returned from this method. If none of the objects are supported, an empty list should be returned.
    • getSelectorFactory

      SelectorFactory getSelectorFactory()
      Create a selector factory. A selector factory is an object which creates selectors. There is no interface as the arguments defined in the policy will be matched to factory methods using reflection. The contract for the object returned by this method is as follows:

      It specify several methods called createSelector with the return type Selector. It may take any number of arguments. Supported argument types are all Java primitives, String, enumerations and arrays of enumerations. The last argument may be an array, which indicates varargs. Wildcards will be passed as null. The methods may throw an InvalidArgumentException.

      The selector factory.
    • evaluateCondition

      default boolean[] evaluateCondition(List<?> object, SecurityContext ctx, Rule rule, Permission askedPermission) throws EvaluationException
    • getOrCreateFilteredPolicy

      Policy getOrCreateFilteredPolicy(SecurityContext securityContext, List<?> objects, Callable<Policy> provider) throws Exception
      Return a policy for the given objects. This can be used to cache and reuse policies for different objects. If no cached policy is available, the given Callable can be used to create a new one.
    • clearGuardCache

      void clearGuardCache(SecurityContext securityContext)
      Clear all cached objects belonging to the given security context.