Package org.wildfly.security.permission

Interface PermissionVerifier

All Known Implementing Classes:
AbstractActionPermission, AbstractActionSetPermission, AbstractBooleanPermission, AbstractNamedPermission, AbstractNameOnlyPermission, AbstractNameSetOnlyPermission, AbstractNamingPermission, AbstractPermission, AbstractPermissionCollection, AbstractSimpleNamePermission, BooleanPermissionCollection, ByNamePermissionCollection, ChangeRoleMapperPermission, CredentialStorePermission, EJBClientPermission, ElytronPermission, LoginPermission, NameSetPermissionCollection, NoPermission, RemoteEJBPermission, RunAsPrincipalPermission, SecurityIdentity, SimpleActionBitsPermissionCollection, SimplePermissionCollection, WildFlySecurityManager, WildFlySecurityManagerPermission
Functional Interface:
This is a functional interface and can therefore be used as the assignment target for a lambda expression or method reference.
@FunctionalInterface public interface PermissionVerifier
An interface for objects that can verify permissions.
Author:
David M. Lloyd

  • Field Details

  • Method Details

    • implies

      boolean implies(Permission permission)
      Determine if the permission is verified by this object.
      Parameters:
      permission - the permission to verify (must not be null)
      Returns:
      true if the permission is implied by this verifier, false otherwise

    • and

      default PermissionVerifier and(PermissionVerifier other)
      Return a new verifier which implies permissions which are implied both by this verifier and by the given verifier.
      Parameters:
      other - the other verifier (must not be null)
      Returns:
      the new permission verifier (not null)

    • or

      default PermissionVerifier or(PermissionVerifier other)
      Return a new verifier which implies permissions which are implied either by this verifier or by the given verifier.
      Parameters:
      other - the other verifier (must not be null)
      Returns:
      the new permission verifier (not null)

    • xor

      default PermissionVerifier xor(PermissionVerifier other)
      Return a new verifier which implies permissions which are implied by only one of this verifier or the given verifier.
      Parameters:
      other - the other verifier (must not be null)
      Returns:
      the new permission verifier (not null)

    • not

      default PermissionVerifier not()
      Return a new verifier which implies the opposite of this verifier.
      Returns:
      the new permission verifier (not null)

    • unless

      default PermissionVerifier unless(PermissionVerifier other)
      Return a new verifier which implies permissions which are implied by this verifier but not the given verifier.
      Parameters:
      other - the other verifier (must not be null)
      Returns:
      the new permission verifier (not null)

    • checkPermission

      default void checkPermission(Permission permission) throws SecurityException
      Check a permission, throwing an exception if the permission is not implied.
      Parameters:
      permission - the permission to check (must not be null)
      Throws:
      SecurityException - if the permission is not implied

    • from

      static PermissionVerifier from(Permission permission)
      Get a permission verifier for a single permission.
      Parameters:
      permission - the permission (must not be null)
      Returns:
      the verifier (not null)

    • from

      static PermissionVerifier from(PermissionCollection permissionCollection)
      Get a permission verifier for a permission collection.
      Parameters:
      permissionCollection - the permission collection (must not be null)
      Returns:
      the verifier (not null)

    • from

      static PermissionVerifier from(ProtectionDomain protectionDomain)
      Get a permission verifier for a protection domain.
      Parameters:
      protectionDomain - the protection domain (must not be null)
      Returns:
      the verifier (not null)

    • from

      static PermissionVerifier from(Policy policy, ProtectionDomain protectionDomain)
      Get a permission verifier for a policy's view of a protection domain.
      Parameters:
      policy - the policy (must not be null)
      protectionDomain - the protection domain (must not be null)
      Returns:
      the verifier (not null)

    • toPermissionCollection

      default PermissionCollection toPermissionCollection()
      Convert this verifier a permission collection which implies everything this verifier implies. If this instance is already a PermissionCollection instance, then this instance may be cast and returned. Otherwise, this method may return a new, read-only collection, which cannot be iterated.
      Returns:
      the permission collection (not null)