com.dtolabs.rundeck.core.authorization
Interface AuthContext

All Known Implementing Classes:

SubjectAuthContext

public interface AuthContext

Facade for Authorization containing a subject

Method Summary

Decision	evaluate(java.util.Map<java.lang.String,java.lang.String> resource, java.lang.String action, java.util.Set<Attribute> environment) Evaluate the authorization request and return if this request is valid.
java.util.Set<Decision>	evaluate(java.util.Set<java.util.Map<java.lang.String,java.lang.String>> resources, java.util.Set<java.lang.String> actions, java.util.Set<Attribute> environment) Make a multiple resource determination.

Method Detail

evaluate

Decision evaluate(java.util.Map<java.lang.String,java.lang.String> resource,
                  java.lang.String action,
                  java.util.Set<Attribute> environment)

Evaluate the authorization request and return if this request is valid. Make a single resource determination.

The method is loosely based on the XACML model for structuring requests and response.

These can be prefixed with a fully qualified namespace and ':'.

If anything goes wrong in evaluating the request, the result will be false. No exception will be thrown.

Parameters:

resource - The properties that identify the resource.

action - A set of actions that are being requested on the resource.

environment - A set of environment properties (hostname, time of day, etc.)

Returns:

decision Return true if the subject's action on the object given the environment is authorized.

evaluate

java.util.Set<Decision> evaluate(java.util.Set<java.util.Map<java.lang.String,java.lang.String>> resources,
                                 java.util.Set<java.lang.String> actions,
                                 java.util.Set<Attribute> environment)

Make a multiple resource determination.

Parameters:

resources -

actions -

environment -

Returns:

decisions