Package org.apache.solr.security

Class RuleBasedAuthorizationPluginBase

java.lang.Object

org.apache.solr.security.RuleBasedAuthorizationPluginBase

All Implemented Interfaces:

Closeable, AutoCloseable, org.apache.solr.common.SpecProvider, AuthorizationPlugin, ConfigEditablePlugin

Direct Known Subclasses:

ExternalRoleRuleBasedAuthorizationPlugin, MultiAuthRuleBasedAuthorizationPlugin, RuleBasedAuthorizationPlugin

public abstract class RuleBasedAuthorizationPluginBase
extends Object
implements AuthorizationPlugin, ConfigEditablePlugin, org.apache.solr.common.SpecProvider

Base class for rule based authorization plugins

Constructor Summary

Constructors

Constructor	Description
RuleBasedAuthorizationPluginBase()

Method Summary

Modifier and Type	Method	Description
AuthorizationResponse	authorize(AuthorizationContext context)
void	close()
boolean	doesUserHavePermission(Principal principal, PermissionNameProvider.Name permission)
Map<String,Object>	edit(Map<String,Object> latestConf, List<org.apache.solr.common.util.CommandOperation> commands)	Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException.
Set<String>	getPermissionNamesForRoles(Set<String> roles)	Retrieves permission names for a given set of roles
org.apache.solr.common.util.ValidatingJsonMap	getSpec()
abstract Set<String>	getUserRoles(Principal principal)	Finds users roles
Set<String>	getUserRoles(AuthorizationContext context)	Finds user roles
void	init(Map<String,Object> initInfo)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RuleBasedAuthorizationPluginBase

public RuleBasedAuthorizationPluginBase()

Method Detail

authorize

public AuthorizationResponse authorize(AuthorizationContext context)

Specified by:

authorize in interface AuthorizationPlugin

getPermissionNamesForRoles

public Set<String> getPermissionNamesForRoles(Set<String> roles)

Retrieves permission names for a given set of roles

doesUserHavePermission

public boolean doesUserHavePermission(Principal principal,
                                      PermissionNameProvider.Name permission)

init

public void init(Map<String,Object> initInfo)

Specified by:

init in interface AuthorizationPlugin

getUserRoles

public Set<String> getUserRoles(AuthorizationContext context)

Finds user roles

Parameters:

context - the authorization context to load roles from

Returns:

set of roles as strings or empty set if no roles are found

getUserRoles

public abstract Set<String> getUserRoles(Principal principal)

Finds users roles

Parameters:

principal - the user Principal to fetch roles for

Returns:

set of roles as strings or empty set if no roles found

close

public void close()
           throws IOException

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

Throws:

IOException

edit

public Map<String,Object> edit(Map<String,Object> latestConf,
                                     List<org.apache.solr.common.util.CommandOperation> commands)

Description copied from interface: ConfigEditablePlugin

Operate the commands on the latest conf and return a new conf object If there are errors in the commands , throw a SolrException. return a null if no changes are to be made as a result of this edit. It is the responsibility of the implementation to ensure that the returned config is valid . The framework does no validation of the data

Specified by:

edit in interface ConfigEditablePlugin

getSpec

public org.apache.solr.common.util.ValidatingJsonMap getSpec()

Specified by:

getSpec in interface org.apache.solr.common.SpecProvider