Class ManagementEnforcer

  • Direct Known Subclasses:
    Enforcer

    public class ManagementEnforcer
    extends InternalEnforcer
    ManagementEnforcer = InternalEnforcer + Management API.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addFunction​(java.lang.String name, CustomFunction function)
      addFunction adds a customized function.
      boolean addGroupingPolicies​(java.lang.String[][] rules)
      addGroupingPolicies adds role inheritance rules to the current policy.
      boolean addGroupingPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
      addGroupingPolicies adds role inheritance rules to the current policy.
      boolean addGroupingPolicy​(java.lang.String... params)
      addGroupingPolicy adds a role inheritance rule to the current policy.
      boolean addGroupingPolicy​(java.util.List<java.lang.String> params)
      addGroupingPolicy adds a role inheritance rule to the current policy.
      boolean addNamedGroupingPolicies​(java.lang.String ptype, java.lang.String[][] rules)
      addNamedGroupingPolicies adds named role inheritance rules to the current policy.
      boolean addNamedGroupingPolicies​(java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      addNamedGroupingPolicies adds named role inheritance rules to the current policy.
      boolean addNamedGroupingPolicy​(java.lang.String ptype, java.lang.String... params)
      addNamedGroupingPolicy adds a named role inheritance rule to the current policy.
      boolean addNamedGroupingPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      addNamedGroupingPolicy adds a named role inheritance rule to the current policy.
      boolean addNamedPolicies​(java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      addNamedPolicies adds authorization rules to the current named policy.
      boolean addNamedPoliciesEx​(java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      addNamedPoliciesEx adds authorization rules to the current named policy.
      boolean addNamedPolicy​(java.lang.String ptype, java.lang.String... params)
      AddNamedPolicy adds an authorization rule to the current named policy.
      boolean addNamedPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      AddNamedPolicy adds an authorization rule to the current named policy.
      boolean addPolicies​(java.lang.String[][] rules)
      addPolicies adds authorization rules to the current policy.
      boolean addPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
      addPolicies adds authorization rules to the current policy.
      boolean addPolicy​(java.lang.String... params)
      addPolicy adds an authorization rule to the current policy.
      boolean addPolicy​(java.util.List<java.lang.String> params)
      addPolicy adds an authorization rule to the current policy.
      java.util.List<java.lang.String> getAllActions()
      getAllActions gets the list of actions that show up in the current policy.
      java.util.List<java.lang.String> getAllNamedActions​(java.lang.String ptype)
      GetAllNamedActions gets the list of actions that show up in the current named policy.
      java.util.List<java.lang.String> getAllNamedObjects​(java.lang.String ptype)
      getAllNamedObjects gets the list of objects that show up in the current named policy.
      java.util.List<java.lang.String> getAllNamedRoles​(java.lang.String ptype)
      getAllNamedRoles gets the list of roles that show up in the current named policy.
      java.util.List<java.lang.String> getAllNamedSubjects​(java.lang.String ptype)
      GetAllNamedSubjects gets the list of subjects that show up in the currentnamed policy.
      java.util.List<java.lang.String> getAllObjects()
      getAllObjects gets the list of objects that show up in the current policy.
      java.util.List<java.lang.String> getAllRoles()
      getAllRoles gets the list of roles that show up in the current policy.
      java.util.List<java.lang.String> getAllSubjects()
      getAllSubjects gets the list of subjects that show up in the current policy.
      private int getElementIndex​(Assertion policy, java.lang.String elementName)
      getElementIndex returns the index of a specific element.
      java.util.List<java.util.List<java.lang.String>> getFilteredGroupingPolicy​(int fieldIndex, java.lang.String... fieldValues)
      getFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
      java.util.List<java.util.List<java.lang.String>> getFilteredNamedGroupingPolicy​(java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      getFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
      java.util.List<java.util.List<java.lang.String>> getFilteredNamedPolicy​(java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      getFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified.
      java.util.List<java.util.List<java.lang.String>> getFilteredPolicy​(int fieldIndex, java.lang.String... fieldValues)
      getFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
      java.util.List<java.util.List<java.lang.String>> getGroupingPolicy()
      getGroupingPolicy gets all the role inheritance rules in the policy.
      java.util.List<java.util.List<java.lang.String>> getNamedGroupingPolicy​(java.lang.String ptype)
      getNamedGroupingPolicy gets all the role inheritance rules in the policy.
      java.util.List<java.util.List<java.lang.String>> getNamedPolicy​(java.lang.String ptype)
      getNamedPolicy gets all the authorization rules in the named policy.
      java.util.Set<java.lang.String> getPermittedActions​(java.lang.Object sub, java.lang.Object obj)
      getPermittedActions returns all valid actions to specific object for current subject.
      java.util.List<java.util.List<java.lang.String>> getPolicy()
      getPolicy gets all the authorization rules in the policy.
      boolean hasGroupingPolicy​(java.lang.String... params)
      hasGroupingPolicy determines whether a role inheritance rule exists.
      boolean hasGroupingPolicy​(java.util.List<java.lang.String> params)
      hasGroupingPolicy determines whether a role inheritance rule exists.
      boolean hasNamedGroupingPolicy​(java.lang.String ptype, java.lang.String... params)
      hasNamedGroupingPolicy determines whether a named role inheritance rule exists.
      boolean hasNamedGroupingPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      hasNamedGroupingPolicy determines whether a named role inheritance rule exists.
      boolean hasNamedPolicy​(java.lang.String ptype, java.lang.String... params)
      hasNamedPolicy determines whether a named authorization rule exists.
      boolean hasNamedPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      hasNamedPolicy determines whether a named authorization rule exists.
      boolean hasPolicy​(java.lang.String... params)
      hasPolicy determines whether an authorization rule exists.
      boolean hasPolicy​(java.util.List<java.lang.String> params)
      hasPolicy determines whether an authorization rule exists.
      boolean removeFilteredGroupingPolicy​(int fieldIndex, java.lang.String... fieldValues)
      removeFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.
      boolean removeFilteredNamedGroupingPolicy​(java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      removeFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.
      boolean removeFilteredNamedPolicy​(java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      removeFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified.
      boolean removeFilteredPolicy​(int fieldIndex, java.lang.String... fieldValues)
      removeFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.
      boolean removeGroupingPolicies​(java.lang.String[][] rules)
      removeGroupingPolicies removes role inheritance rules from the current policy.
      boolean removeGroupingPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
      removeGroupingPolicies removes role inheritance rules from the current policy.
      boolean removeGroupingPolicy​(java.lang.String... params)
      removeGroupingPolicy removes a role inheritance rule from the current policy.
      boolean removeGroupingPolicy​(java.util.List<java.lang.String> params)
      removeGroupingPolicy removes a role inheritance rule from the current policy.
      boolean removeNamedGroupingPolicies​(java.lang.String ptype, java.lang.String[][] rules)
      removeNamedGroupingPolicies removes role inheritance rules from the current named policy.
      boolean removeNamedGroupingPolicies​(java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      removeNamedGroupingPolicies removes role inheritance rules from the current named policy.
      boolean removeNamedGroupingPolicy​(java.lang.String ptype, java.lang.String... params)
      removeNamedGroupingPolicy removes a role inheritance rule from the current named policy.
      boolean removeNamedGroupingPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      removeNamedGroupingPolicy removes a role inheritance rule from the current named policy.
      boolean removeNamedPolicies​(java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      removeNamedPolicies removes authorization rules from the current named policy.
      boolean removeNamedPolicy​(java.lang.String ptype, java.lang.String... params)
      removeNamedPolicy removes an authorization rule from the current named policy.
      boolean removeNamedPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params)
      removeNamedPolicy removes an authorization rule from the current named policy.
      boolean removePolicies​(java.lang.String[][] rules)
      removePolicies removes authorization rules from the current policy.
      boolean removePolicies​(java.util.List<java.util.List<java.lang.String>> rules)
      removePolicies removes authorization rules from the current policy.
      boolean removePolicy​(java.lang.String... params)
      removePolicy removes an authorization rule from the current policy.
      boolean removePolicy​(java.util.List<java.lang.String> params)
      removePolicy removes an authorization rule from the current policy.
      boolean updateGroupingPolicy​(java.util.List<java.lang.String> params1, java.util.List<java.lang.String> params2)
      UpdateGroupingPolicy updates an authorization rule to the current named policy.
      boolean updateNamedGroupingPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params1, java.util.List<java.lang.String> params2)
      updateNamedGroupingPolicy updates an authorization rule to the current named policy.
      boolean updateNamedPolicy​(java.lang.String ptype, java.util.List<java.lang.String> params1, java.util.List<java.lang.String> params2)
      updateNamedPolicy updates an authorization rule to the current named policy.
      boolean updatePolicy​(java.util.List<java.lang.String> params1, java.util.List<java.lang.String> params2)
      updatePolicy update an authorization rule to the current policy.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • ManagementEnforcer

        public ManagementEnforcer()
    • Method Detail

      • getAllSubjects

        public java.util.List<java.lang.String> getAllSubjects()
        getAllSubjects gets the list of subjects that show up in the current policy.
        Returns:
        all the subjects in "p" policy rules. It actually collects the 0-index elements of "p" policy rules. So make sure your subject is the 0-index element, like (sub, obj, act). Duplicates are removed.
      • getAllNamedSubjects

        public java.util.List<java.lang.String> getAllNamedSubjects​(java.lang.String ptype)
        GetAllNamedSubjects gets the list of subjects that show up in the currentnamed policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        Returns:
        all the subjects in policy rules of the ptype type. It actually collects the 0-index elements of the policy rules. So make sure your subject is the 0-index element, like (sub, obj, act). Duplicates are removed.
      • getAllObjects

        public java.util.List<java.lang.String> getAllObjects()
        getAllObjects gets the list of objects that show up in the current policy.
        Returns:
        all the objects in "p" policy rules. It actually collects the 1-index elements of "p" policy rules. So make sure your object is the 1-index element, like (sub, obj, act). Duplicates are removed.
      • getAllNamedObjects

        public java.util.List<java.lang.String> getAllNamedObjects​(java.lang.String ptype)
        getAllNamedObjects gets the list of objects that show up in the current named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        Returns:
        all the objects in policy rules of the ptype type. It actually collects the 1-index elements of the policy rules. So make sure your object is the 1-index element, like (sub, obj, act). Duplicates are removed.
      • getAllActions

        public java.util.List<java.lang.String> getAllActions()
        getAllActions gets the list of actions that show up in the current policy.
        Returns:
        all the actions in "p" policy rules. It actually collects the 2-index elements of "p" policy rules. So make sure your action is the 2-index element, like (sub, obj, act). Duplicates are removed.
      • getAllNamedActions

        public java.util.List<java.lang.String> getAllNamedActions​(java.lang.String ptype)
        GetAllNamedActions gets the list of actions that show up in the current named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        Returns:
        all the actions in policy rules of the ptype type. It actually collects the 2-index elements of the policy rules. So make sure your action is the 2-index element, like (sub, obj, act). Duplicates are removed.
      • getAllRoles

        public java.util.List<java.lang.String> getAllRoles()
        getAllRoles gets the list of roles that show up in the current policy.
        Returns:
        all the roles in "g" policy rules. It actually collects the 1-index elements of "g" policy rules. So make sure your role is the 1-index element, like (sub, role). Duplicates are removed.
      • getAllNamedRoles

        public java.util.List<java.lang.String> getAllNamedRoles​(java.lang.String ptype)
        getAllNamedRoles gets the list of roles that show up in the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        Returns:
        all the subjects in policy rules of the ptype type. It actually collects the 0-index elements of the policy rules. So make sure your subject is the 0-index element, like (sub, obj, act). Duplicates are removed.
      • getPolicy

        public java.util.List<java.util.List<java.lang.String>> getPolicy()
        getPolicy gets all the authorization rules in the policy.
        Returns:
        all the "p" policy rules.
      • getFilteredPolicy

        public java.util.List<java.util.List<java.lang.String>> getFilteredPolicy​(int fieldIndex,
                                                                                  java.lang.String... fieldValues)
        getFilteredPolicy gets all the authorization rules in the policy, field filters can be specified.
        Parameters:
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        the filtered "p" policy rules.
      • getNamedPolicy

        public java.util.List<java.util.List<java.lang.String>> getNamedPolicy​(java.lang.String ptype)
        getNamedPolicy gets all the authorization rules in the named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        Returns:
        the "p" policy rules of the specified ptype.
      • getFilteredNamedPolicy

        public java.util.List<java.util.List<java.lang.String>> getFilteredNamedPolicy​(java.lang.String ptype,
                                                                                       int fieldIndex,
                                                                                       java.lang.String... fieldValues)
        getFilteredNamedPolicy gets all the authorization rules in the named policy, field filters can be specified.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        the filtered "p" policy rules of the specified ptype.
      • getGroupingPolicy

        public java.util.List<java.util.List<java.lang.String>> getGroupingPolicy()
        getGroupingPolicy gets all the role inheritance rules in the policy.
        Returns:
        all the "g" policy rules.
      • getFilteredGroupingPolicy

        public java.util.List<java.util.List<java.lang.String>> getFilteredGroupingPolicy​(int fieldIndex,
                                                                                          java.lang.String... fieldValues)
        getFilteredGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
        Parameters:
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        the filtered "g" policy rules.
      • getNamedGroupingPolicy

        public java.util.List<java.util.List<java.lang.String>> getNamedGroupingPolicy​(java.lang.String ptype)
        getNamedGroupingPolicy gets all the role inheritance rules in the policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        Returns:
        the "g" policy rules of the specified ptype.
      • getFilteredNamedGroupingPolicy

        public java.util.List<java.util.List<java.lang.String>> getFilteredNamedGroupingPolicy​(java.lang.String ptype,
                                                                                               int fieldIndex,
                                                                                               java.lang.String... fieldValues)
        getFilteredNamedGroupingPolicy gets all the role inheritance rules in the policy, field filters can be specified.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        the filtered "g" policy rules of the specified ptype.
      • hasPolicy

        public boolean hasPolicy​(java.util.List<java.lang.String> params)
        hasPolicy determines whether an authorization rule exists.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        whether the rule exists.
      • hasPolicy

        public boolean hasPolicy​(java.lang.String... params)
        hasPolicy determines whether an authorization rule exists.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        whether the rule exists.
      • hasNamedPolicy

        public boolean hasNamedPolicy​(java.lang.String ptype,
                                      java.util.List<java.lang.String> params)
        hasNamedPolicy determines whether a named authorization rule exists.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        whether the rule exists.
      • hasNamedPolicy

        public boolean hasNamedPolicy​(java.lang.String ptype,
                                      java.lang.String... params)
        hasNamedPolicy determines whether a named authorization rule exists.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        whether the rule exists.
      • addPolicy

        public boolean addPolicy​(java.util.List<java.lang.String> params)
        addPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • addPolicies

        public boolean addPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
        addPolicies adds authorization rules to the current policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise the function returns true for the corresponding rule by adding the new rule.
        Parameters:
        rules - the "p" policy rules, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • updatePolicy

        public boolean updatePolicy​(java.util.List<java.lang.String> params1,
                                    java.util.List<java.lang.String> params2)
        updatePolicy update an authorization rule to the current policy.
        Parameters:
        params1 - the old rule.
        params2 - the new rule.
        Returns:
        succeeds or not.
      • addPolicy

        public boolean addPolicy​(java.lang.String... params)
        addPolicy adds an authorization rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • addPolicies

        public boolean addPolicies​(java.lang.String[][] rules)
        addPolicies adds authorization rules to the current policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise the function returns true for the corresponding rule by adding the new rule.
        Parameters:
        rules - the "p" policy rules, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • addNamedPolicy

        public boolean addNamedPolicy​(java.lang.String ptype,
                                      java.util.List<java.lang.String> params)
        AddNamedPolicy adds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        succeeds or not.
      • addNamedPolicies

        public boolean addNamedPolicies​(java.lang.String ptype,
                                        java.util.List<java.util.List<java.lang.String>> rules)
        addNamedPolicies adds authorization rules to the current named policy. If the rule already exists, the function returns false for the corresponding rule and the rule will not be added. Otherwise the function returns true for the corresponding by adding the new rule.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        rules - the "p" policy rules.
        Returns:
        succeeds or not.
      • addNamedPoliciesEx

        public boolean addNamedPoliciesEx​(java.lang.String ptype,
                                          java.util.List<java.util.List<java.lang.String>> rules)
        addNamedPoliciesEx adds authorization rules to the current named policy. If the rule already exists, the rule will not be added. But unlike AddNamedPolicies, other non-existent rules are added instead of returning false directly
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        rules - the "p" policy rules.
        Returns:
        succeeds or not.
      • updateNamedPolicy

        public boolean updateNamedPolicy​(java.lang.String ptype,
                                         java.util.List<java.lang.String> params1,
                                         java.util.List<java.lang.String> params2)
        updateNamedPolicy updates an authorization rule to the current named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params1 - the old rule.
        params2 - the new rule.
        Returns:
        succeeds or not.
      • updateGroupingPolicy

        public boolean updateGroupingPolicy​(java.util.List<java.lang.String> params1,
                                            java.util.List<java.lang.String> params2)
        UpdateGroupingPolicy updates an authorization rule to the current named policy.
        Parameters:
        params1 - the old rule.
        params2 - the new rule.
        Returns:
        succeeds or not.
      • updateNamedGroupingPolicy

        public boolean updateNamedGroupingPolicy​(java.lang.String ptype,
                                                 java.util.List<java.lang.String> params1,
                                                 java.util.List<java.lang.String> params2)
        updateNamedGroupingPolicy updates an authorization rule to the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params1 - the old rule.
        params2 - the new rule.
        Returns:
        succeeds or not.
      • addNamedPolicy

        public boolean addNamedPolicy​(java.lang.String ptype,
                                      java.lang.String... params)
        AddNamedPolicy adds an authorization rule to the current named policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        succeeds or not.
      • removePolicy

        public boolean removePolicy​(java.util.List<java.lang.String> params)
        removePolicy removes an authorization rule from the current policy.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • removePolicy

        public boolean removePolicy​(java.lang.String... params)
        removePolicy removes an authorization rule from the current policy.
        Parameters:
        params - the "p" policy rule, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • removePolicies

        public boolean removePolicies​(java.util.List<java.util.List<java.lang.String>> rules)
        removePolicies removes authorization rules from the current policy.
        Parameters:
        rules - the "p" policy rules, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • removePolicies

        public boolean removePolicies​(java.lang.String[][] rules)
        removePolicies removes authorization rules from the current policy.
        Parameters:
        rules - the "p" policy rules, ptype "p" is implicitly used.
        Returns:
        succeeds or not.
      • removeFilteredPolicy

        public boolean removeFilteredPolicy​(int fieldIndex,
                                            java.lang.String... fieldValues)
        removeFilteredPolicy removes an authorization rule from the current policy, field filters can be specified.
        Parameters:
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds or not.
      • removeNamedPolicy

        public boolean removeNamedPolicy​(java.lang.String ptype,
                                         java.util.List<java.lang.String> params)
        removeNamedPolicy removes an authorization rule from the current named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        succeeds or not.
      • removeNamedPolicy

        public boolean removeNamedPolicy​(java.lang.String ptype,
                                         java.lang.String... params)
        removeNamedPolicy removes an authorization rule from the current named policy.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        params - the "p" policy rule.
        Returns:
        succeeds or not.
      • removeNamedPolicies

        public boolean removeNamedPolicies​(java.lang.String ptype,
                                           java.util.List<java.util.List<java.lang.String>> rules)
        removeNamedPolicies removes authorization rules from the current named policy.
        Parameters:
        ptype - ptype the policy type, can be "p", "p2", "p3", ..
        rules - the "p" policy rules.
        Returns:
        succeeds or not.
      • removeFilteredNamedPolicy

        public boolean removeFilteredNamedPolicy​(java.lang.String ptype,
                                                 int fieldIndex,
                                                 java.lang.String... fieldValues)
        removeFilteredNamedPolicy removes an authorization rule from the current named policy, field filters can be specified.
        Parameters:
        ptype - the policy type, can be "p", "p2", "p3", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds or not.
      • hasGroupingPolicy

        public boolean hasGroupingPolicy​(java.util.List<java.lang.String> params)
        hasGroupingPolicy determines whether a role inheritance rule exists.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        whether the rule exists.
      • hasGroupingPolicy

        public boolean hasGroupingPolicy​(java.lang.String... params)
        hasGroupingPolicy determines whether a role inheritance rule exists.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        whether the rule exists.
      • hasNamedGroupingPolicy

        public boolean hasNamedGroupingPolicy​(java.lang.String ptype,
                                              java.util.List<java.lang.String> params)
        hasNamedGroupingPolicy determines whether a named role inheritance rule exists.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        whether the rule exists.
      • hasNamedGroupingPolicy

        public boolean hasNamedGroupingPolicy​(java.lang.String ptype,
                                              java.lang.String... params)
        hasNamedGroupingPolicy determines whether a named role inheritance rule exists.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        whether the rule exists.
      • addGroupingPolicy

        public boolean addGroupingPolicy​(java.util.List<java.lang.String> params)
        addGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • addGroupingPolicy

        public boolean addGroupingPolicy​(java.lang.String... params)
        addGroupingPolicy adds a role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • addGroupingPolicies

        public boolean addGroupingPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
        addGroupingPolicies adds role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule.
        Parameters:
        rules - the "g" policy rules, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • addGroupingPolicies

        public boolean addGroupingPolicies​(java.lang.String[][] rules)
        addGroupingPolicies adds role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule.
        Parameters:
        rules - the "g" policy rules, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • addNamedGroupingPolicy

        public boolean addNamedGroupingPolicy​(java.lang.String ptype,
                                              java.util.List<java.lang.String> params)
        addNamedGroupingPolicy adds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        succeeds or not.
      • addNamedGroupingPolicy

        public boolean addNamedGroupingPolicy​(java.lang.String ptype,
                                              java.lang.String... params)
        addNamedGroupingPolicy adds a named role inheritance rule to the current policy. If the rule already exists, the function returns false and the rule will not be added. Otherwise the function returns true by adding the new rule.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        succeeds or not.
      • addNamedGroupingPolicies

        public boolean addNamedGroupingPolicies​(java.lang.String ptype,
                                                java.util.List<java.util.List<java.lang.String>> rules)
        addNamedGroupingPolicies adds named role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        rules - the "g" policy rules.
        Returns:
        succeeds or not.
      • addNamedGroupingPolicies

        public boolean addNamedGroupingPolicies​(java.lang.String ptype,
                                                java.lang.String[][] rules)
        addNamedGroupingPolicies adds named role inheritance rules to the current policy. If the rule already exists, the function returns false for the corresponding policy rule and the rule will not be added. Otherwise the function returns true for the corresponding policy rule by adding the new rule.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        rules - the "g" policy rules.
        Returns:
        succeeds or not.
      • removeGroupingPolicy

        public boolean removeGroupingPolicy​(java.util.List<java.lang.String> params)
        removeGroupingPolicy removes a role inheritance rule from the current policy.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • removeGroupingPolicy

        public boolean removeGroupingPolicy​(java.lang.String... params)
        removeGroupingPolicy removes a role inheritance rule from the current policy.
        Parameters:
        params - the "g" policy rule, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • removeGroupingPolicies

        public boolean removeGroupingPolicies​(java.util.List<java.util.List<java.lang.String>> rules)
        removeGroupingPolicies removes role inheritance rules from the current policy.
        Parameters:
        rules - the "g" policy rules, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • removeGroupingPolicies

        public boolean removeGroupingPolicies​(java.lang.String[][] rules)
        removeGroupingPolicies removes role inheritance rules from the current policy.
        Parameters:
        rules - the "g" policy rules, ptype "g" is implicitly used.
        Returns:
        succeeds or not.
      • removeFilteredGroupingPolicy

        public boolean removeFilteredGroupingPolicy​(int fieldIndex,
                                                    java.lang.String... fieldValues)
        removeFilteredGroupingPolicy removes a role inheritance rule from the current policy, field filters can be specified.
        Parameters:
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds or not.
      • removeNamedGroupingPolicy

        public boolean removeNamedGroupingPolicy​(java.lang.String ptype,
                                                 java.util.List<java.lang.String> params)
        removeNamedGroupingPolicy removes a role inheritance rule from the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        succeeds or not.
      • removeNamedGroupingPolicy

        public boolean removeNamedGroupingPolicy​(java.lang.String ptype,
                                                 java.lang.String... params)
        removeNamedGroupingPolicy removes a role inheritance rule from the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        params - the "g" policy rule.
        Returns:
        succeeds or not.
      • removeNamedGroupingPolicies

        public boolean removeNamedGroupingPolicies​(java.lang.String ptype,
                                                   java.util.List<java.util.List<java.lang.String>> rules)
        removeNamedGroupingPolicies removes role inheritance rules from the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        rules - the "g" policy rules.
        Returns:
        succeeds or not.
      • removeNamedGroupingPolicies

        public boolean removeNamedGroupingPolicies​(java.lang.String ptype,
                                                   java.lang.String[][] rules)
        removeNamedGroupingPolicies removes role inheritance rules from the current named policy.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        rules - the "g" policy rules.
        Returns:
        succeeds or not.
      • removeFilteredNamedGroupingPolicy

        public boolean removeFilteredNamedGroupingPolicy​(java.lang.String ptype,
                                                         int fieldIndex,
                                                         java.lang.String... fieldValues)
        removeFilteredNamedGroupingPolicy removes a role inheritance rule from the current named policy, field filters can be specified.
        Parameters:
        ptype - the policy type, can be "g", "g2", "g3", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds or not.
      • addFunction

        public void addFunction​(java.lang.String name,
                                CustomFunction function)
        addFunction adds a customized function.
        Parameters:
        name - the name of the function.
        function - the custom function.
      • getPermittedActions

        public java.util.Set<java.lang.String> getPermittedActions​(java.lang.Object sub,
                                                                   java.lang.Object obj)
        getPermittedActions returns all valid actions to specific object for current subject. At present, the execution efficiency of this method is not high. Please avoid calling this method frequently.
        Parameters:
        sub - the subject(usually means user).
        obj - the object(usually means resources).
        Returns:
        all valid actions to specific object for current subject.
      • getElementIndex

        private int getElementIndex​(Assertion policy,
                                    java.lang.String elementName)
        getElementIndex returns the index of a specific element.
        Parameters:
        policy - the policy. For example: policy.value = "sub, obj, act"
        elementName - the element's name. For example: elementName = "act"
        Returns:
        the index of a specific element. If the above two example parameters are passed in, it will return 2. -1 if the element does not exist.