Class Policy
java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
io.envoyproxy.envoy.config.rbac.v3.Policy
- All Implemented Interfaces:
com.google.protobuf.Message
,com.google.protobuf.MessageLite
,com.google.protobuf.MessageLiteOrBuilder
,com.google.protobuf.MessageOrBuilder
,PolicyOrBuilder
,Serializable
Policy specifies a role and the principals that are assigned/denied the role. A policy matches if and only if at least one of its permissions match the action taking place AND at least one of its principals match the downstream AND the condition is true if specified.Protobuf type
envoy.config.rbac.v3.Policy
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final class
Policy specifies a role and the principals that are assigned/denied the role.Nested classes/interfaces inherited from class com.google.protobuf.GeneratedMessage
com.google.protobuf.GeneratedMessage.ExtendableBuilder<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>,
BuilderT extends com.google.protobuf.GeneratedMessage.ExtendableBuilder<MessageT, BuilderT>>, com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessage.ExtendableMessageOrBuilder<MessageT extends com.google.protobuf.GeneratedMessage.ExtendableMessage<MessageT>>, com.google.protobuf.GeneratedMessage.FieldAccessorTable, com.google.protobuf.GeneratedMessage.GeneratedExtension<ContainingT extends com.google.protobuf.Message, T>, com.google.protobuf.GeneratedMessage.UnusedPrivateParameter Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessage
com.google.protobuf.AbstractMessage.BuilderParent
Nested classes/interfaces inherited from class com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessageLite.InternalOneOfEnum
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate int
static final int
private CheckedExpr
private Expr
static final int
private static final Policy
private byte
private static final com.google.protobuf.Parser
<Policy> private List
<Permission> static final int
static final int
private static final long
Fields inherited from class com.google.protobuf.GeneratedMessage
alwaysUseFieldBuilders, unknownFields
Fields inherited from class com.google.protobuf.AbstractMessage
memoizedSize
Fields inherited from class com.google.protobuf.AbstractMessageLite
memoizedHashCode
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionboolean
[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked.[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked.An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`.An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`.static Policy
static final com.google.protobuf.Descriptors.Descriptor
com.google.protobuf.Parser
<Policy> getPermissions
(int index) Required.int
Required.Required.getPermissionsOrBuilder
(int index) Required.List
<? extends PermissionOrBuilder> Required.getPrincipals
(int index) Required.int
Required.Required.getPrincipalsOrBuilder
(int index) Required.List
<? extends PrincipalOrBuilder> Required.int
boolean
[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked.boolean
An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`.int
hashCode()
protected com.google.protobuf.GeneratedMessage.FieldAccessorTable
final boolean
static Policy.Builder
static Policy.Builder
newBuilder
(Policy prototype) protected Policy.Builder
newBuilderForType
(com.google.protobuf.AbstractMessage.BuilderParent parent) static Policy
parseDelimitedFrom
(InputStream input) static Policy
parseDelimitedFrom
(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static Policy
parseFrom
(byte[] data) static Policy
parseFrom
(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static Policy
parseFrom
(com.google.protobuf.ByteString data) static Policy
parseFrom
(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static Policy
parseFrom
(com.google.protobuf.CodedInputStream input) static Policy
parseFrom
(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static Policy
parseFrom
(InputStream input) static Policy
parseFrom
(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static Policy
parseFrom
(ByteBuffer data) static Policy
parseFrom
(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) static com.google.protobuf.Parser
<Policy> parser()
void
writeTo
(com.google.protobuf.CodedOutputStream output) Methods inherited from class com.google.protobuf.GeneratedMessage
canUseUnsafe, computeStringSize, computeStringSizeNoTag, emptyBooleanList, emptyDoubleList, emptyFloatList, emptyIntList, emptyList, emptyLongList, getAllFields, getDescriptorForType, getField, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, isStringEmpty, makeMutableCopy, makeMutableCopy, mergeFromAndMakeImmutableInternal, newFileScopedGeneratedExtension, newInstance, newMessageScopedGeneratedExtension, parseDelimitedWithIOException, parseDelimitedWithIOException, parseUnknownField, parseUnknownFieldProto3, parseWithIOException, parseWithIOException, parseWithIOException, parseWithIOException, serializeBooleanMapTo, serializeIntegerMapTo, serializeLongMapTo, serializeStringMapTo, writeReplace, writeString, writeStringNoTag
Methods inherited from class com.google.protobuf.AbstractMessage
findInitializationErrors, getInitializationErrorString, hashFields, toString
Methods inherited from class com.google.protobuf.AbstractMessageLite
addAll, checkByteStringIsUtf8, toByteArray, toByteString, writeDelimitedTo, writeTo
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface com.google.protobuf.MessageLite
toByteArray, toByteString, writeDelimitedTo, writeTo
Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
bitField0_
private int bitField0_ -
PERMISSIONS_FIELD_NUMBER
public static final int PERMISSIONS_FIELD_NUMBER- See Also:
-
permissions_
-
PRINCIPALS_FIELD_NUMBER
public static final int PRINCIPALS_FIELD_NUMBER- See Also:
-
principals_
-
CONDITION_FIELD_NUMBER
public static final int CONDITION_FIELD_NUMBER- See Also:
-
condition_
-
CHECKED_CONDITION_FIELD_NUMBER
public static final int CHECKED_CONDITION_FIELD_NUMBER- See Also:
-
checkedCondition_
-
memoizedIsInitialized
private byte memoizedIsInitialized -
DEFAULT_INSTANCE
-
PARSER
-
-
Constructor Details
-
Policy
private Policy(com.google.protobuf.GeneratedMessage.Builder<?> builder) -
Policy
private Policy()
-
-
Method Details
-
getDescriptor
public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() -
internalGetFieldAccessorTable
protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()- Specified by:
internalGetFieldAccessorTable
in classcom.google.protobuf.GeneratedMessage
-
getPermissionsList
Required. The set of permissions that define a role. Each permission is matched with OR semantics. To match all actions for this policy, a single Permission with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Permission permissions = 1 [(.validate.rules) = { ... }
- Specified by:
getPermissionsList
in interfacePolicyOrBuilder
-
getPermissionsOrBuilderList
Required. The set of permissions that define a role. Each permission is matched with OR semantics. To match all actions for this policy, a single Permission with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Permission permissions = 1 [(.validate.rules) = { ... }
- Specified by:
getPermissionsOrBuilderList
in interfacePolicyOrBuilder
-
getPermissionsCount
public int getPermissionsCount()Required. The set of permissions that define a role. Each permission is matched with OR semantics. To match all actions for this policy, a single Permission with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Permission permissions = 1 [(.validate.rules) = { ... }
- Specified by:
getPermissionsCount
in interfacePolicyOrBuilder
-
getPermissions
Required. The set of permissions that define a role. Each permission is matched with OR semantics. To match all actions for this policy, a single Permission with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Permission permissions = 1 [(.validate.rules) = { ... }
- Specified by:
getPermissions
in interfacePolicyOrBuilder
-
getPermissionsOrBuilder
Required. The set of permissions that define a role. Each permission is matched with OR semantics. To match all actions for this policy, a single Permission with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Permission permissions = 1 [(.validate.rules) = { ... }
- Specified by:
getPermissionsOrBuilder
in interfacePolicyOrBuilder
-
getPrincipalsList
Required. The set of principals that are assigned/denied the role based on “action”. Each principal is matched with OR semantics. To match all downstreams for this policy, a single Principal with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Principal principals = 2 [(.validate.rules) = { ... }
- Specified by:
getPrincipalsList
in interfacePolicyOrBuilder
-
getPrincipalsOrBuilderList
Required. The set of principals that are assigned/denied the role based on “action”. Each principal is matched with OR semantics. To match all downstreams for this policy, a single Principal with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Principal principals = 2 [(.validate.rules) = { ... }
- Specified by:
getPrincipalsOrBuilderList
in interfacePolicyOrBuilder
-
getPrincipalsCount
public int getPrincipalsCount()Required. The set of principals that are assigned/denied the role based on “action”. Each principal is matched with OR semantics. To match all downstreams for this policy, a single Principal with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Principal principals = 2 [(.validate.rules) = { ... }
- Specified by:
getPrincipalsCount
in interfacePolicyOrBuilder
-
getPrincipals
Required. The set of principals that are assigned/denied the role based on “action”. Each principal is matched with OR semantics. To match all downstreams for this policy, a single Principal with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Principal principals = 2 [(.validate.rules) = { ... }
- Specified by:
getPrincipals
in interfacePolicyOrBuilder
-
getPrincipalsOrBuilder
Required. The set of principals that are assigned/denied the role based on “action”. Each principal is matched with OR semantics. To match all downstreams for this policy, a single Principal with the ``any`` field set to true should be used.
repeated .envoy.config.rbac.v3.Principal principals = 2 [(.validate.rules) = { ... }
- Specified by:
getPrincipalsOrBuilder
in interfacePolicyOrBuilder
-
hasCondition
public boolean hasCondition()An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`. The condition is combined with the permissions and the principals as a clause with AND semantics. Only be used when checked_condition is not used.
.google.api.expr.v1alpha1.Expr condition = 3 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
hasCondition
in interfacePolicyOrBuilder
- Returns:
- Whether the condition field is set.
-
getCondition
An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`. The condition is combined with the permissions and the principals as a clause with AND semantics. Only be used when checked_condition is not used.
.google.api.expr.v1alpha1.Expr condition = 3 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
getCondition
in interfacePolicyOrBuilder
- Returns:
- The condition.
-
getConditionOrBuilder
An optional symbolic expression specifying an access control :ref:`condition <arch_overview_condition>`. The condition is combined with the permissions and the principals as a clause with AND semantics. Only be used when checked_condition is not used.
.google.api.expr.v1alpha1.Expr condition = 3 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
getConditionOrBuilder
in interfacePolicyOrBuilder
-
hasCheckedCondition
public boolean hasCheckedCondition()[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked. Only be used when condition is not used.
.google.api.expr.v1alpha1.CheckedExpr checked_condition = 4 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
hasCheckedCondition
in interfacePolicyOrBuilder
- Returns:
- Whether the checkedCondition field is set.
-
getCheckedCondition
[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked. Only be used when condition is not used.
.google.api.expr.v1alpha1.CheckedExpr checked_condition = 4 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
getCheckedCondition
in interfacePolicyOrBuilder
- Returns:
- The checkedCondition.
-
getCheckedConditionOrBuilder
[#not-implemented-hide:] An optional symbolic expression that has been successfully type checked. Only be used when condition is not used.
.google.api.expr.v1alpha1.CheckedExpr checked_condition = 4 [(.udpa.annotations.field_migrate) = { ... }
- Specified by:
getCheckedConditionOrBuilder
in interfacePolicyOrBuilder
-
isInitialized
public final boolean isInitialized()- Specified by:
isInitialized
in interfacecom.google.protobuf.MessageLiteOrBuilder
- Overrides:
isInitialized
in classcom.google.protobuf.GeneratedMessage
-
writeTo
- Specified by:
writeTo
in interfacecom.google.protobuf.MessageLite
- Overrides:
writeTo
in classcom.google.protobuf.GeneratedMessage
- Throws:
IOException
-
getSerializedSize
public int getSerializedSize()- Specified by:
getSerializedSize
in interfacecom.google.protobuf.MessageLite
- Overrides:
getSerializedSize
in classcom.google.protobuf.GeneratedMessage
-
equals
- Specified by:
equals
in interfacecom.google.protobuf.Message
- Overrides:
equals
in classcom.google.protobuf.AbstractMessage
-
hashCode
public int hashCode()- Specified by:
hashCode
in interfacecom.google.protobuf.Message
- Overrides:
hashCode
in classcom.google.protobuf.AbstractMessage
-
parseFrom
public static Policy parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
public static Policy parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
public static Policy parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
public static Policy parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
public static Policy parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
public static Policy parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException - Throws:
com.google.protobuf.InvalidProtocolBufferException
-
parseFrom
- Throws:
IOException
-
parseFrom
public static Policy parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException - Throws:
IOException
-
parseDelimitedFrom
- Throws:
IOException
-
parseDelimitedFrom
public static Policy parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException - Throws:
IOException
-
parseFrom
- Throws:
IOException
-
parseFrom
public static Policy parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException - Throws:
IOException
-
newBuilderForType
- Specified by:
newBuilderForType
in interfacecom.google.protobuf.Message
- Specified by:
newBuilderForType
in interfacecom.google.protobuf.MessageLite
-
newBuilder
-
newBuilder
-
toBuilder
- Specified by:
toBuilder
in interfacecom.google.protobuf.Message
- Specified by:
toBuilder
in interfacecom.google.protobuf.MessageLite
-
newBuilderForType
protected Policy.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent) - Overrides:
newBuilderForType
in classcom.google.protobuf.AbstractMessage
-
getDefaultInstance
-
parser
-
getParserForType
- Specified by:
getParserForType
in interfacecom.google.protobuf.Message
- Specified by:
getParserForType
in interfacecom.google.protobuf.MessageLite
- Overrides:
getParserForType
in classcom.google.protobuf.GeneratedMessage
-
getDefaultInstanceForType
- Specified by:
getDefaultInstanceForType
in interfacecom.google.protobuf.MessageLiteOrBuilder
- Specified by:
getDefaultInstanceForType
in interfacecom.google.protobuf.MessageOrBuilder
-