Class Role

public class Role extends StorableObject
A user access role. Each role contains an access rule list for declaring which objects that the role provides access to.
  • Field Details

    • KEY_NAME

      public static final String KEY_NAME
      The dictionary key for the role name.
      See Also:

      public static final String KEY_DESCRIPTION
      The dictionary key for the role description.
      See Also:
    • KEY_AUTO

      public static final String KEY_AUTO
      The dictionary key for automatic user match.
      See Also:

      public static final String KEY_ACCESS
      The dictionary key for the role access array. The value stored is an array of access rules.
      See Also:

      public static final String ACCESS_PATH
      The dictionary key for the path in the access dictionary. The value stored is an absolute path to an object, with optional glob characters ('*', '**' or '?').
      See Also:

      public static final String ACCESS_REGEX
      The dictionary key for the regex path in the access dictionary. The value stored is a regular expression matching an absolute path to an object (without leading '/' chars).
      See Also:

      public static final String ACCESS_PERMISSION
      The dictionary key for the permission list in the access dictionary. The value stored is a string with permissions separated by comma (',').
      See Also:

      public static final String PERM_NONE
      The permission key for no access.
      See Also:

      public static final String PERM_INTERNAL
      The permission key for internal access.
      See Also:

      public static final String PERM_READ
      The permission key for read access.
      See Also:

      public static final String PERM_WRITE
      The permission key for write access.
      See Also:
    • PERM_ALL

      public static final String PERM_ALL
      The permission key for full access.
      See Also:
    • PATH

      public static final Path PATH
      The role object storage path.
  • Constructor Details

    • Role

      public Role(String id, String type, Dict dict)
      Creates a new role from a serialized representation.
      id - the object identifier
      type - the object type name
      dict - the serialized representation
  • Method Details

    • all

      public static Stream<Role> all(Storage storage)
      Returns a stream of all roles found in the storage.
      storage - the storage to search
      a stream of role instances found
    • normalize

      public static Dict normalize(String id, Dict dict)
      Normalizes a role data object if needed. This method will modify legacy data into the proper keys and values.
      id - the object identifier
      dict - the storage data
      the storage data (possibly modified)
    • name

      public String name()
      Returns the role name.
      the role name.
    • description

      public String description()
      Returns the role description.
      the role description.
    • auto

      public String auto()
      Returns the automatic role attachment type. The values "all" and "auth" are the only ones with defined meaning.
      the automatic role attachment type
    • hasUser

      public boolean hasUser(User user)
      Checks if the specified user has this role. The user may be null, in which case only automatic roles for "all" will be considered a match.
      user - the user to check, or null
      true if the user has this role, or false otherwise
    • hasAccess

      public boolean hasAccess(String path, String permission)
      Checks if the role has access permission for a storage path. The access list is processed from top to bottom to find a matching path entry. If a matching path with the PERM_NONE permission is encountered, false will be returned. Otherwise true will be returned only if the permission matches the requested one.
      path - the object storage path
      permission - the requested permission
      true if the role provides access, or false otherwise