Class Permission

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
io.envoyproxy.envoy.config.rbac.v3.Permission
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, PermissionOrBuilder, Serializable

public final class Permission extends com.google.protobuf.GeneratedMessage implements PermissionOrBuilder
 Permission defines an action (or actions) that a principal can take.
 [#next-free-field: 14]
 
Protobuf type envoy.config.rbac.v3.Permission
See Also:
  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      See Also:
    • ruleCase_

      private int ruleCase_
    • rule_

      private Object rule_
    • AND_RULES_FIELD_NUMBER

      public static final int AND_RULES_FIELD_NUMBER
      See Also:
    • OR_RULES_FIELD_NUMBER

      public static final int OR_RULES_FIELD_NUMBER
      See Also:
    • ANY_FIELD_NUMBER

      public static final int ANY_FIELD_NUMBER
      See Also:
    • HEADER_FIELD_NUMBER

      public static final int HEADER_FIELD_NUMBER
      See Also:
    • URL_PATH_FIELD_NUMBER

      public static final int URL_PATH_FIELD_NUMBER
      See Also:
    • DESTINATION_IP_FIELD_NUMBER

      public static final int DESTINATION_IP_FIELD_NUMBER
      See Also:
    • DESTINATION_PORT_FIELD_NUMBER

      public static final int DESTINATION_PORT_FIELD_NUMBER
      See Also:
    • DESTINATION_PORT_RANGE_FIELD_NUMBER

      public static final int DESTINATION_PORT_RANGE_FIELD_NUMBER
      See Also:
    • METADATA_FIELD_NUMBER

      public static final int METADATA_FIELD_NUMBER
      See Also:
    • NOT_RULE_FIELD_NUMBER

      public static final int NOT_RULE_FIELD_NUMBER
      See Also:
    • REQUESTED_SERVER_NAME_FIELD_NUMBER

      public static final int REQUESTED_SERVER_NAME_FIELD_NUMBER
      See Also:
    • MATCHER_FIELD_NUMBER

      public static final int MATCHER_FIELD_NUMBER
      See Also:
    • URI_TEMPLATE_FIELD_NUMBER

      public static final int URI_TEMPLATE_FIELD_NUMBER
      See Also:
    • memoizedIsInitialized

      private byte memoizedIsInitialized
    • DEFAULT_INSTANCE

      private static final Permission DEFAULT_INSTANCE
    • PARSER

      private static final com.google.protobuf.Parser<Permission> PARSER
  • Constructor Details

    • Permission

      private Permission(com.google.protobuf.GeneratedMessage.Builder<?> builder)
    • Permission

      private Permission()
  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()
    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage
    • getRuleCase

      public Permission.RuleCase getRuleCase()
      Specified by:
      getRuleCase in interface PermissionOrBuilder
    • hasAndRules

      public boolean hasAndRules()
       A set of rules that all must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set and_rules = 1;
      Specified by:
      hasAndRules in interface PermissionOrBuilder
      Returns:
      Whether the andRules field is set.
    • getAndRules

      public Permission.Set getAndRules()
       A set of rules that all must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set and_rules = 1;
      Specified by:
      getAndRules in interface PermissionOrBuilder
      Returns:
      The andRules.
    • getAndRulesOrBuilder

      public Permission.SetOrBuilder getAndRulesOrBuilder()
       A set of rules that all must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set and_rules = 1;
      Specified by:
      getAndRulesOrBuilder in interface PermissionOrBuilder
    • hasOrRules

      public boolean hasOrRules()
       A set of rules where at least one must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set or_rules = 2;
      Specified by:
      hasOrRules in interface PermissionOrBuilder
      Returns:
      Whether the orRules field is set.
    • getOrRules

      public Permission.Set getOrRules()
       A set of rules where at least one must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set or_rules = 2;
      Specified by:
      getOrRules in interface PermissionOrBuilder
      Returns:
      The orRules.
    • getOrRulesOrBuilder

      public Permission.SetOrBuilder getOrRulesOrBuilder()
       A set of rules where at least one must match in order to define the action.
       
      .envoy.config.rbac.v3.Permission.Set or_rules = 2;
      Specified by:
      getOrRulesOrBuilder in interface PermissionOrBuilder
    • hasAny

      public boolean hasAny()
       When any is set, it matches any action.
       
      bool any = 3 [(.validate.rules) = { ... }
      Specified by:
      hasAny in interface PermissionOrBuilder
      Returns:
      Whether the any field is set.
    • getAny

      public boolean getAny()
       When any is set, it matches any action.
       
      bool any = 3 [(.validate.rules) = { ... }
      Specified by:
      getAny in interface PermissionOrBuilder
      Returns:
      The any.
    • hasHeader

      public boolean hasHeader()
       A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
       available for HTTP request.
       Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
       field if you want to match the URL path without the query and fragment string.
       
      .envoy.config.route.v3.HeaderMatcher header = 4;
      Specified by:
      hasHeader in interface PermissionOrBuilder
      Returns:
      Whether the header field is set.
    • getHeader

      public HeaderMatcher getHeader()
       A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
       available for HTTP request.
       Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
       field if you want to match the URL path without the query and fragment string.
       
      .envoy.config.route.v3.HeaderMatcher header = 4;
      Specified by:
      getHeader in interface PermissionOrBuilder
      Returns:
      The header.
    • getHeaderOrBuilder

      public HeaderMatcherOrBuilder getHeaderOrBuilder()
       A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
       available for HTTP request.
       Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
       field if you want to match the URL path without the query and fragment string.
       
      .envoy.config.route.v3.HeaderMatcher header = 4;
      Specified by:
      getHeaderOrBuilder in interface PermissionOrBuilder
    • hasUrlPath

      public boolean hasUrlPath()
       A URL path on the incoming HTTP request. Only available for HTTP.
       
      .envoy.type.matcher.v3.PathMatcher url_path = 10;
      Specified by:
      hasUrlPath in interface PermissionOrBuilder
      Returns:
      Whether the urlPath field is set.
    • getUrlPath

      public PathMatcher getUrlPath()
       A URL path on the incoming HTTP request. Only available for HTTP.
       
      .envoy.type.matcher.v3.PathMatcher url_path = 10;
      Specified by:
      getUrlPath in interface PermissionOrBuilder
      Returns:
      The urlPath.
    • getUrlPathOrBuilder

      public PathMatcherOrBuilder getUrlPathOrBuilder()
       A URL path on the incoming HTTP request. Only available for HTTP.
       
      .envoy.type.matcher.v3.PathMatcher url_path = 10;
      Specified by:
      getUrlPathOrBuilder in interface PermissionOrBuilder
    • hasDestinationIp

      public boolean hasDestinationIp()
       A CIDR block that describes the destination IP.
       
      .envoy.config.core.v3.CidrRange destination_ip = 5;
      Specified by:
      hasDestinationIp in interface PermissionOrBuilder
      Returns:
      Whether the destinationIp field is set.
    • getDestinationIp

      public CidrRange getDestinationIp()
       A CIDR block that describes the destination IP.
       
      .envoy.config.core.v3.CidrRange destination_ip = 5;
      Specified by:
      getDestinationIp in interface PermissionOrBuilder
      Returns:
      The destinationIp.
    • getDestinationIpOrBuilder

      public CidrRangeOrBuilder getDestinationIpOrBuilder()
       A CIDR block that describes the destination IP.
       
      .envoy.config.core.v3.CidrRange destination_ip = 5;
      Specified by:
      getDestinationIpOrBuilder in interface PermissionOrBuilder
    • hasDestinationPort

      public boolean hasDestinationPort()
       A port number that describes the destination port connecting to.
       
      uint32 destination_port = 6 [(.validate.rules) = { ... }
      Specified by:
      hasDestinationPort in interface PermissionOrBuilder
      Returns:
      Whether the destinationPort field is set.
    • getDestinationPort

      public int getDestinationPort()
       A port number that describes the destination port connecting to.
       
      uint32 destination_port = 6 [(.validate.rules) = { ... }
      Specified by:
      getDestinationPort in interface PermissionOrBuilder
      Returns:
      The destinationPort.
    • hasDestinationPortRange

      public boolean hasDestinationPortRange()
       A port number range that describes a range of destination ports connecting to.
       
      .envoy.type.v3.Int32Range destination_port_range = 11;
      Specified by:
      hasDestinationPortRange in interface PermissionOrBuilder
      Returns:
      Whether the destinationPortRange field is set.
    • getDestinationPortRange

      public Int32Range getDestinationPortRange()
       A port number range that describes a range of destination ports connecting to.
       
      .envoy.type.v3.Int32Range destination_port_range = 11;
      Specified by:
      getDestinationPortRange in interface PermissionOrBuilder
      Returns:
      The destinationPortRange.
    • getDestinationPortRangeOrBuilder

      public Int32RangeOrBuilder getDestinationPortRangeOrBuilder()
       A port number range that describes a range of destination ports connecting to.
       
      .envoy.type.v3.Int32Range destination_port_range = 11;
      Specified by:
      getDestinationPortRangeOrBuilder in interface PermissionOrBuilder
    • hasMetadata

      public boolean hasMetadata()
       Metadata that describes additional information about the action.
       
      .envoy.type.matcher.v3.MetadataMatcher metadata = 7;
      Specified by:
      hasMetadata in interface PermissionOrBuilder
      Returns:
      Whether the metadata field is set.
    • getMetadata

      public MetadataMatcher getMetadata()
       Metadata that describes additional information about the action.
       
      .envoy.type.matcher.v3.MetadataMatcher metadata = 7;
      Specified by:
      getMetadata in interface PermissionOrBuilder
      Returns:
      The metadata.
    • getMetadataOrBuilder

      public MetadataMatcherOrBuilder getMetadataOrBuilder()
       Metadata that describes additional information about the action.
       
      .envoy.type.matcher.v3.MetadataMatcher metadata = 7;
      Specified by:
      getMetadataOrBuilder in interface PermissionOrBuilder
    • hasNotRule

      public boolean hasNotRule()
       Negates matching the provided permission. For instance, if the value of
       ``not_rule`` would match, this permission would not match. Conversely, if
       the value of ``not_rule`` would not match, this permission would match.
       
      .envoy.config.rbac.v3.Permission not_rule = 8;
      Specified by:
      hasNotRule in interface PermissionOrBuilder
      Returns:
      Whether the notRule field is set.
    • getNotRule

      public Permission getNotRule()
       Negates matching the provided permission. For instance, if the value of
       ``not_rule`` would match, this permission would not match. Conversely, if
       the value of ``not_rule`` would not match, this permission would match.
       
      .envoy.config.rbac.v3.Permission not_rule = 8;
      Specified by:
      getNotRule in interface PermissionOrBuilder
      Returns:
      The notRule.
    • getNotRuleOrBuilder

      public PermissionOrBuilder getNotRuleOrBuilder()
       Negates matching the provided permission. For instance, if the value of
       ``not_rule`` would match, this permission would not match. Conversely, if
       the value of ``not_rule`` would not match, this permission would match.
       
      .envoy.config.rbac.v3.Permission not_rule = 8;
      Specified by:
      getNotRuleOrBuilder in interface PermissionOrBuilder
    • hasRequestedServerName

      public boolean hasRequestedServerName()
       The request server from the client's connection request. This is
       typically TLS SNI.
      
       .. attention::
      
       The behavior of this field may be affected by how Envoy is configured
       as explained below.
      
       * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
       filter is not added, and if a ``FilterChainMatch`` is not defined for
       the :ref:`server name
       <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
       a TLS connection's requested SNI server name will be treated as if it
       wasn't present.
      
       * A :ref:`listener filter <arch_overview_listener_filters>` may
       overwrite a connection's requested server name within Envoy.
      
       Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
       setup SNI.
       
      .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
      Specified by:
      hasRequestedServerName in interface PermissionOrBuilder
      Returns:
      Whether the requestedServerName field is set.
    • getRequestedServerName

      public StringMatcher getRequestedServerName()
       The request server from the client's connection request. This is
       typically TLS SNI.
      
       .. attention::
      
       The behavior of this field may be affected by how Envoy is configured
       as explained below.
      
       * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
       filter is not added, and if a ``FilterChainMatch`` is not defined for
       the :ref:`server name
       <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
       a TLS connection's requested SNI server name will be treated as if it
       wasn't present.
      
       * A :ref:`listener filter <arch_overview_listener_filters>` may
       overwrite a connection's requested server name within Envoy.
      
       Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
       setup SNI.
       
      .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
      Specified by:
      getRequestedServerName in interface PermissionOrBuilder
      Returns:
      The requestedServerName.
    • getRequestedServerNameOrBuilder

      public StringMatcherOrBuilder getRequestedServerNameOrBuilder()
       The request server from the client's connection request. This is
       typically TLS SNI.
      
       .. attention::
      
       The behavior of this field may be affected by how Envoy is configured
       as explained below.
      
       * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
       filter is not added, and if a ``FilterChainMatch`` is not defined for
       the :ref:`server name
       <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
       a TLS connection's requested SNI server name will be treated as if it
       wasn't present.
      
       * A :ref:`listener filter <arch_overview_listener_filters>` may
       overwrite a connection's requested server name within Envoy.
      
       Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
       setup SNI.
       
      .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
      Specified by:
      getRequestedServerNameOrBuilder in interface PermissionOrBuilder
    • hasMatcher

      public boolean hasMatcher()
       Extension for configuring custom matchers for RBAC.
       [#extension-category: envoy.rbac.matchers]
       
      .envoy.config.core.v3.TypedExtensionConfig matcher = 12;
      Specified by:
      hasMatcher in interface PermissionOrBuilder
      Returns:
      Whether the matcher field is set.
    • getMatcher

      public TypedExtensionConfig getMatcher()
       Extension for configuring custom matchers for RBAC.
       [#extension-category: envoy.rbac.matchers]
       
      .envoy.config.core.v3.TypedExtensionConfig matcher = 12;
      Specified by:
      getMatcher in interface PermissionOrBuilder
      Returns:
      The matcher.
    • getMatcherOrBuilder

      public TypedExtensionConfigOrBuilder getMatcherOrBuilder()
       Extension for configuring custom matchers for RBAC.
       [#extension-category: envoy.rbac.matchers]
       
      .envoy.config.core.v3.TypedExtensionConfig matcher = 12;
      Specified by:
      getMatcherOrBuilder in interface PermissionOrBuilder
    • hasUriTemplate

      public boolean hasUriTemplate()
       URI template path matching.
       [#extension-category: envoy.path.match]
       
      .envoy.config.core.v3.TypedExtensionConfig uri_template = 13;
      Specified by:
      hasUriTemplate in interface PermissionOrBuilder
      Returns:
      Whether the uriTemplate field is set.
    • getUriTemplate

      public TypedExtensionConfig getUriTemplate()
       URI template path matching.
       [#extension-category: envoy.path.match]
       
      .envoy.config.core.v3.TypedExtensionConfig uri_template = 13;
      Specified by:
      getUriTemplate in interface PermissionOrBuilder
      Returns:
      The uriTemplate.
    • getUriTemplateOrBuilder

      public TypedExtensionConfigOrBuilder getUriTemplateOrBuilder()
       URI template path matching.
       [#extension-category: envoy.path.match]
       
      .envoy.config.core.v3.TypedExtensionConfig uri_template = 13;
      Specified by:
      getUriTemplateOrBuilder in interface PermissionOrBuilder
    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage
    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessage
      Throws:
      IOException
    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessage
    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage
    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage
    • parseFrom

      public static Permission parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException
    • parseFrom

      public static Permission parseFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static Permission parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static Permission parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException
    • parseDelimitedFrom

      public static Permission parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • parseFrom

      public static Permission parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException
    • parseFrom

      public static Permission parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException
    • newBuilderForType

      public Permission.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite
    • newBuilder

      public static Permission.Builder newBuilder()
    • newBuilder

      public static Permission.Builder newBuilder(Permission prototype)
    • toBuilder

      public Permission.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite
    • newBuilderForType

      protected Permission.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
      Overrides:
      newBuilderForType in class com.google.protobuf.AbstractMessage
    • getDefaultInstance

      public static Permission getDefaultInstance()
    • parser

      public static com.google.protobuf.Parser<Permission> parser()
    • getParserForType

      public com.google.protobuf.Parser<Permission> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessage
    • getDefaultInstanceForType

      public Permission getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder