Interface PermissionLimitInterface
- All Known Implementing Classes:
PermissionLimitAmountLessThan
,PermissionLimitAmountLessThanEquals
,PermissionLimitBase
,PermissionLimitElLogic
,PermissionLimitIpOnNetworkRealm
,PermissionLimitIpOnNetworks
,PermissionLimitLabelsContain
,PermissionLimitWeekday9to5Logic
public interface PermissionLimitInterface
implement this interface to attach logic to a permission limit
-
Method Summary
Modifier and TypeMethodDescriptionboolean
allowPermission
(PermissionEntry permissionEntry, AttributeAssign limitAssignment, Set<AttributeAssignValue> limitAssignmentValues, Map<String, Object> limitEnvVars, Set<PermissionLimitBean> permissionLimitBeans) if the limit allowed the permission to be allowedint
if we can cache the result for a some minutes.return a UI key to documentation about the limit.validateLimitAssignValue
(AttributeAssign limitAssign, Set<AttributeAssignValue> limitAssignmentValues) validate a user entered value(s) on the limit assignment
-
Method Details
-
allowPermission
boolean allowPermission(PermissionEntry permissionEntry, AttributeAssign limitAssignment, Set<AttributeAssignValue> limitAssignmentValues, Map<String, Object> limitEnvVars, Set<PermissionLimitBean> permissionLimitBeans) if the limit allowed the permission to be allowed- Parameters:
permissionEntry
- to checklimitAssignment
- the assignment of the limit (e.g. to the permission assignment a parent assignment, or the role, etc)limitAssignmentValues
-limitEnvVars
- value could be String, Long, or DoublepermissionLimitBeans
- all limits for this permission (in case the limit logic needs it... note, dont use built in caching if this is the case)- Returns:
- true if allowed, false if not
-
validateLimitAssignValue
PermissionLimitDocumentation validateLimitAssignValue(AttributeAssign limitAssign, Set<AttributeAssignValue> limitAssignmentValues) validate a user entered value(s) on the limit assignment- Parameters:
limitAssign
-limitAssignmentValues
-- Returns:
- the UI key and args for the error code (arbitrary, in Grouper should put in nav.properties) or null for ok
-
documentation
PermissionLimitDocumentation documentation()return a UI key to documentation about the limit. for Grouper, put in nav.properties- Returns:
- a UI key
-
cacheLimitValueResultMinutes
int cacheLimitValueResultMinutes()if we can cache the result for a some minutes. i.e. for the same attribute assignment and value and input map, is the result the same... e.g. ip address math can be cached, amount limits, etc. If there are conditions about the permission names, then dont cache- Returns:
- the number of minutes to cache
-