Module io.inverno.mod.security

Package io.inverno.mod.security.accesscontrol

Interface RoleBasedAccessController

All Superinterfaces:

AccessController

public interface RoleBasedAccessController
extends AccessController

An access controller that uses roles to control the access to services or resources based on the permissions that were granted to an authenticated entity.

This basically follows the Role-based access control approach which control the access to services or resources based on roles assigned to the authenticated entity.

Access to a service or a resouce is granted when the authenticated entity has a particular role. This can be checked as follows:

     RoleBasedAccessController accessController = ...
     accessController.hasRole("admin").doOnNext(granted -> {...})...    

Since:

1.5

Author:

Jeremy Kuhn

Method Summary

Modifier and Type	Method	Description
default Mono<Boolean>	hasAllRoles(String... roles)	Determines whether the authenticated entity has all of the specified roles.
Mono<Boolean>	hasAllRoles(Collection<String> roles)	Determines whether the authenticated entity has all of the specified roles.
default Mono<Boolean>	hasAnyRole(String... roles)	Determines whether the authenticated entity has any of the specified roles.
Mono<Boolean>	hasAnyRole(Collection<String> roles)	Determines whether the authenticated entity has any of the specified roles.
Mono<Boolean>	hasRole(String role)	Determines whether the authenticated entity has the specified role.
static RoleBasedAccessController	of(String... roles)	Creates a new role based access controller with the specified roles.
static RoleBasedAccessController	of(Collection<String> roles)	Creates a new role based access controller with the specified roles.

Method Details

hasRole

Mono<Boolean> hasRole(String role)

Determines whether the authenticated entity has the specified role.

Parameters:

role - the role to evaluate

Returns:

a mono emitting true if access is granted, false otherwise

hasAnyRole

default Mono<Boolean> hasAnyRole(String... roles)

Determines whether the authenticated entity has any of the specified roles.

Parameters:

roles - the array of role to evaluate

Returns:

a mono emitting true if access is granted, false otherwise

hasAnyRole

Mono<Boolean> hasAnyRole(Collection<String> roles)

Determines whether the authenticated entity has any of the specified roles.

Parameters:

roles - the collection of role to evaluate

Returns:

a mono emitting true if access is granted, false otherwise

hasAllRoles

default Mono<Boolean> hasAllRoles(String... roles)

Determines whether the authenticated entity has all of the specified roles.

Parameters:

roles - the array of role to evaluate

Returns:

a mono emitting true if access is granted, false otherwise

hasAllRoles

Mono<Boolean> hasAllRoles(Collection<String> roles)

Determines whether the authenticated entity has all of the specified roles.

Parameters:

roles - the collection of role to evaluate

Returns:

a mono emitting true if access is granted, false otherwise

of

static RoleBasedAccessController of(String... roles)

Creates a new role based access controller with the specified roles.

Parameters:

roles - the array of roles associated with an authenticated entity

Returns:

a new role based access controller

of

static RoleBasedAccessController of(Collection<String> roles)

Creates a new role based access controller with the specified roles.

Parameters:

roles - the collection of roles associated with an authenticated entity

Returns:

a new role based access controller