All Known Implementing Classes:: DefaultEvaluation, FGAPEvaluation

public interface Evaluation

An Evaluation is mainly used by PolicyProvider in order to evaluate a single and specific ResourcePermission against the configured policies.

Author:: Pedro Igor

Method Summary

Modifier and Type

Method

Description

void

deny()

Denies the requested permission.

void

denyIfNoEffect()

Denies the requested permission if a decision was not made yet.

AuthorizationProvider

getAuthorizationProvider()

EvaluationContext

getContext()

Returns the EvaluationContext.

Decision.Effect

getEffect()

Policy

getParentPolicy()

Returns the parent policy (a permission) of the policy being evaluated.

ResourcePermission

getPermission()

Returns the ResourcePermission to be evaluated.

Policy

getPolicy()

Returns the Policy.

Realm

getRealm()

Returns a Realm that can be used by policies to query information.

void

grant()

Grants the requested permission to the caller.

default boolean

isDenied(Policy deniedPolicy, Scope deniedScope)

If the given scope should not be granted when the given deniedPolicy denies access to a resource or a specific scope.

default boolean

isGranted(Policy grantedPolicy, Scope grantedScope)

If the given scope should be granted when the given grantedPolicy is granting access to a resource or a specific scope.

void

setEffect(Decision.Effect effect)

Method Details
- getPermission
  
  ResourcePermission getPermission()
  
  Returns the ResourcePermission to be evaluated.
  
  Returns:
  
  the permission to be evaluated
- getContext
  
  EvaluationContext getContext()
  
  Returns the EvaluationContext. Which provides access to the whole evaluation runtime context.
  
  Returns:
  
  the evaluation context
- getPolicy
  
  Policy getPolicy()
  
  Returns the Policy. being evaluated.
  
  Returns:
  
  the evaluation context
- getRealm
  
  Realm getRealm()
  
  Returns a Realm that can be used by policies to query information.
  
  Returns:
  
  a Realm instance
- getAuthorizationProvider
  
  AuthorizationProvider getAuthorizationProvider()
- grant
  
  void grant()
  
  Grants the requested permission to the caller.
- deny
  
  void deny()
  
  Denies the requested permission.
- denyIfNoEffect
  
  void denyIfNoEffect()
  
  Denies the requested permission if a decision was not made yet.
- getParentPolicy
  
  Policy getParentPolicy()
  
  Returns the parent policy (a permission) of the policy being evaluated.
  
  Returns:
  
  the parent policy
- getEffect
  
  Decision.Effect getEffect()
- setEffect
  
  void setEffect(Decision.Effect effect)
- isGranted
  
  default boolean isGranted(Policy grantedPolicy, Scope grantedScope)
  
  If the given scope should be granted when the given grantedPolicy is granting access to a resource or a specific scope.
  
  Parameters:
  
  grantedPolicy - the policy granting access
  
  grantedScope - the scope that should be granted
  
  Returns:
  
  true if the scope is granted. Otherwise, returns false
- isDenied
  
  default boolean isDenied(Policy deniedPolicy, Scope deniedScope)
  
  If the given scope should not be granted when the given deniedPolicy denies access to a resource or a specific scope.
  
  Parameters:
  
  deniedPolicy - the policy granting access
  
  deniedScope - the scope that should be granted
  
  Returns:
  
  true if the scope is granted. Otherwise, returns false

Interface Evaluation

Method Summary

Method Details

getPermission

getContext

getPolicy

getRealm

getAuthorizationProvider

grant

deny

denyIfNoEffect

getParentPolicy

getEffect

setEffect

isGranted

isDenied