Class SecurityPolicyEnforcer

java.lang.Object
net.solarnetwork.central.security.SecurityPolicyEnforcer
All Implemented Interfaces:
InvocationHandler

public class SecurityPolicyEnforcer extends Object implements InvocationHandler
Support for enforcing a SecurityPolicy on domain objects.
Since:
1.12
  • Constructor Details

    • SecurityPolicyEnforcer

      public SecurityPolicyEnforcer(SecurityPolicy policy, Object principal, Object delegate)
      Construct a new enforcer.
      Parameters:
      policy - The policy to enforce.
      principal - The active principal.
      delegate - The domain object to enforce the policy on.
    • SecurityPolicyEnforcer

      public SecurityPolicyEnforcer(SecurityPolicy policy, Object principal, Object delegate, org.springframework.util.PathMatcher pathMatcher)
      Construct a new enforcer with path matching support.
      Parameters:
      policy - The policy to enforce.
      principal - The active principal.
      delegate - The domain object to enforce the policy on.
      pathMatcher - The path matcher to use.
      Since:
      1.1
    • SecurityPolicyEnforcer

      public SecurityPolicyEnforcer(SecurityPolicy policy, Object principal, Object delegate, org.springframework.util.PathMatcher pathMatcher, SecurityPolicyMetadataType metadataType)
      Construct a new enforcer with path matching support.
      Parameters:
      policy - The policy to enforce.
      principal - The active principal.
      delegate - The domain object to enforce the policy on.
      pathMatcher - The path matcher to use.
      metadataType - The type of metadata associated with delegate, or null.
      Since:
      1.2
  • Method Details

    • createSecurityPolicyProxy

      public static <T> T createSecurityPolicyProxy(SecurityPolicyEnforcer enforcer)
      Wrap an object with a SecurityPolicyEnforcer, enforcing policy properties. This will return a proxy object that implements all interfaces on the provided enforcer's delegate property.
      Type Parameters:
      T - the return object type
      Parameters:
      enforcer - The policy enforcer.
      Returns:
      A new wrapped object.
    • verify

      public void verify()
      Verify the security policy on all supported properties immediately.
      Throws:
      AuthorizationException - if any policy fails
    • invoke

      public Object invoke(Object proxy, Method method, Object[] args) throws Throwable
      Specified by:
      invoke in interface InvocationHandler
      Throws:
      Throwable
    • verifyNodeIds

      public Long[] verifyNodeIds(Long[] nodeIds)
      Verify an arbitrary list of node IDs against the configured policy.
      Parameters:
      nodeIds - The node IDs to verify.
      Returns:
      The allowed node IDs.
      Throws:
      AuthorizationException - if no node IDs are allowed
    • verifySourceIds

      public String[] verifySourceIds(String[] sourceIds)
      Verify an arbitrary list of source IDs against the configured policy.
      Parameters:
      sourceIds - The source IDs to verify.
      Returns:
      The allowed source IDs.
      Throws:
      AuthorizationException - if no source IDs are allowed
    • verifyMetadata

      public net.solarnetwork.domain.datum.GeneralDatumMetadata verifyMetadata(net.solarnetwork.domain.datum.GeneralDatumMetadata metadata)
      Verify an arbitrary metadata instance against the configured policy.
      Parameters:
      metadata - The metadata to verify.
      Returns:
      The allowed metadata.
      Throws:
      AuthorizationException - if no metadata access is allowed
    • getDelgate

      public Object getDelgate()
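
The proxy pattern behind createSecurityPolicyProxy and verifyNodeIds, as an added stand-alone sketch that is not SolarNetwork's code: an InvocationHandler wraps a delegate behind its own interfaces and narrows a node ID getter to an allow-list, denying when nothing remains. NodeFilter, NodeIdPolicyHandler, wrap and the sample IDs are hypothetical, java.lang.SecurityException stands in for AuthorizationException, and Java 17 is assumed.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.Arrays;
import java.util.Set;

public class PolicyProxySketch {
    /** Hypothetical domain interface (not a SolarNetwork type). */
    public interface NodeFilter { Long[] getNodeIds(); String getLabel(); }

    /** Hypothetical handler: narrows getNodeIds() to an allow-list and fails closed. */
    record NodeIdPolicyHandler(Set<Long> allowed, Object delegate) implements InvocationHandler {
        @Override
        public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
            Object result;
            try {
                result = method.invoke(delegate, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // surface the delegate's own exception
            }
            if (!"getNodeIds".equals(method.getName())) {
                return result; // properties without a policy pass through unchanged
            }
            Long[] requested = (result instanceof Long[] ids) ? ids : new Long[0];
            Long[] permitted = Arrays.stream(requested)
                    .filter(id -> id != null && allowed.contains(id)).toArray(Long[]::new);
            if (permitted.length == 0) { // null or fully disallowed request: deny
                throw new SecurityException("no requested node IDs are allowed");
            }
            return permitted;
        }
    }

    /** Build a proxy exposing every interface the delegate's class implements directly. */
    @SuppressWarnings("unchecked")
    static <T> T wrap(Set<Long> allowed, Object delegate) {
        return (T) Proxy.newProxyInstance(delegate.getClass().getClassLoader(),
                delegate.getClass().getInterfaces(), new NodeIdPolicyHandler(allowed, delegate));
    }

    public static void main(String[] args) {
        NodeFilter raw = new NodeFilter() { // constructed sample delegate
            public Long[] getNodeIds() { return new Long[] { 1L, 2L, 3L }; }
            public String getLabel() { return "constructed sample"; }
        };
        NodeFilter guarded = wrap(Set.of(2L, 3L, 4L), raw);
        System.out.println(Arrays.toString(guarded.getNodeIds()));
        System.out.println(guarded.getLabel());
    }
}
```

Callers that keep a reference to the unwrapped delegate bypass the handler entirely, so only the proxy should be handed to code that runs on behalf of the restricted principal.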