public interface IAuthorizationPolicy

An access control policy.

Reponsible for determining if access to a given action should be allowed or denied. A implementation could be one based on roles, as is done in the Servlet specification. (In other words, if the policy has an association between the given action and a role that has been granted to the user, then the decision will be to allow.)

Author:: mlowery

Method Summary

Modifier and Type

Method

Description

List<String>

getAllowedActions(String actionNamespace)

Returns all actions in the given namespace that are currently allowed.

boolean

isAllowed(String actionName)

Returns true if the the action should be allowed.

Method Details
- isAllowed
  
  boolean isAllowed(String actionName)
  
  Returns true if the the action should be allowed.
  
  Parameters:
  
  actionName - name of action (e.g. org.pentaho.di.repository.create)
  
  Returns:
  
  true to allow
- getAllowedActions
  
  List<String> getAllowedActions(String actionNamespace)
  
  Returns all actions in the given namespace that are currently allowed.
  
  Parameters:
  
  actionNamespace - action namespace (e.g. org.pentaho.di.repository); null means all allowed actions
  
  Returns:
  
  list of actions

Interface IAuthorizationPolicy

Method Summary

Method Details

isAllowed

getAllowedActions