Class Permission

  • All Implemented Interfaces:
    com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, PermissionOrBuilder, java.io.Serializable

    public final class Permission
    extends com.google.protobuf.GeneratedMessage
    implements PermissionOrBuilder
     Permission defines an action (or actions) that a principal can take.
     [#next-free-field: 14]
     
    Protobuf type envoy.config.rbac.v3.Permission
    See Also:
    Serialized Form
    • Field Detail

      • ruleCase_

        private int ruleCase_
      • rule_

        private java.lang.Object rule_
      • DESTINATION_IP_FIELD_NUMBER

        public static final int DESTINATION_IP_FIELD_NUMBER
        See Also:
        Constant Field Values
      • DESTINATION_PORT_FIELD_NUMBER

        public static final int DESTINATION_PORT_FIELD_NUMBER
        See Also:
        Constant Field Values
      • DESTINATION_PORT_RANGE_FIELD_NUMBER

        public static final int DESTINATION_PORT_RANGE_FIELD_NUMBER
        See Also:
        Constant Field Values
      • REQUESTED_SERVER_NAME_FIELD_NUMBER

        public static final int REQUESTED_SERVER_NAME_FIELD_NUMBER
        See Also:
        Constant Field Values
      • URI_TEMPLATE_FIELD_NUMBER

        public static final int URI_TEMPLATE_FIELD_NUMBER
        See Also:
        Constant Field Values
      • memoizedIsInitialized

        private byte memoizedIsInitialized
      • DEFAULT_INSTANCE

        private static final Permission DEFAULT_INSTANCE
      • PARSER

        private static final com.google.protobuf.Parser<Permission> PARSER
    • Constructor Detail

      • Permission

        private Permission​(com.google.protobuf.GeneratedMessage.Builder<?> builder)
      • Permission

        private Permission()
    • Method Detail

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()
      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage
      • hasAndRules

        public boolean hasAndRules()
         A set of rules that all must match in order to define the action.
         
        .envoy.config.rbac.v3.Permission.Set and_rules = 1;
        Specified by:
        hasAndRules in interface PermissionOrBuilder
        Returns:
        Whether the andRules field is set.
      • getAndRules

        public Permission.Set getAndRules()
         A set of rules that all must match in order to define the action.
         
        .envoy.config.rbac.v3.Permission.Set and_rules = 1;
        Specified by:
        getAndRules in interface PermissionOrBuilder
        Returns:
        The andRules.
      • hasOrRules

        public boolean hasOrRules()
         A set of rules where at least one must match in order to define the action.
         
        .envoy.config.rbac.v3.Permission.Set or_rules = 2;
        Specified by:
        hasOrRules in interface PermissionOrBuilder
        Returns:
        Whether the orRules field is set.
      • getOrRules

        public Permission.Set getOrRules()
         A set of rules where at least one must match in order to define the action.
         
        .envoy.config.rbac.v3.Permission.Set or_rules = 2;
        Specified by:
        getOrRules in interface PermissionOrBuilder
        Returns:
        The orRules.
      • hasAny

        public boolean hasAny()
         When any is set, it matches any action.
         
        bool any = 3 [(.validate.rules) = { ... }
        Specified by:
        hasAny in interface PermissionOrBuilder
        Returns:
        Whether the any field is set.
      • getAny

        public boolean getAny()
         When any is set, it matches any action.
         
        bool any = 3 [(.validate.rules) = { ... }
        Specified by:
        getAny in interface PermissionOrBuilder
        Returns:
        The any.
      • hasHeader

        public boolean hasHeader()
         A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
         available for HTTP request.
         Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
         field if you want to match the URL path without the query and fragment string.
         
        .envoy.config.route.v3.HeaderMatcher header = 4;
        Specified by:
        hasHeader in interface PermissionOrBuilder
        Returns:
        Whether the header field is set.
      • getHeader

        public HeaderMatcher getHeader()
         A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
         available for HTTP request.
         Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
         field if you want to match the URL path without the query and fragment string.
         
        .envoy.config.route.v3.HeaderMatcher header = 4;
        Specified by:
        getHeader in interface PermissionOrBuilder
        Returns:
        The header.
      • getHeaderOrBuilder

        public HeaderMatcherOrBuilder getHeaderOrBuilder()
         A header (or pseudo-header such as :path or :method) on the incoming HTTP request. Only
         available for HTTP request.
         Note: the pseudo-header :path includes the query and fragment string. Use the ``url_path``
         field if you want to match the URL path without the query and fragment string.
         
        .envoy.config.route.v3.HeaderMatcher header = 4;
        Specified by:
        getHeaderOrBuilder in interface PermissionOrBuilder
      • hasUrlPath

        public boolean hasUrlPath()
         A URL path on the incoming HTTP request. Only available for HTTP.
         
        .envoy.type.matcher.v3.PathMatcher url_path = 10;
        Specified by:
        hasUrlPath in interface PermissionOrBuilder
        Returns:
        Whether the urlPath field is set.
      • getUrlPath

        public PathMatcher getUrlPath()
         A URL path on the incoming HTTP request. Only available for HTTP.
         
        .envoy.type.matcher.v3.PathMatcher url_path = 10;
        Specified by:
        getUrlPath in interface PermissionOrBuilder
        Returns:
        The urlPath.
      • hasDestinationIp

        public boolean hasDestinationIp()
         A CIDR block that describes the destination IP.
         
        .envoy.config.core.v3.CidrRange destination_ip = 5;
        Specified by:
        hasDestinationIp in interface PermissionOrBuilder
        Returns:
        Whether the destinationIp field is set.
      • getDestinationIp

        public CidrRange getDestinationIp()
         A CIDR block that describes the destination IP.
         
        .envoy.config.core.v3.CidrRange destination_ip = 5;
        Specified by:
        getDestinationIp in interface PermissionOrBuilder
        Returns:
        The destinationIp.
      • hasDestinationPort

        public boolean hasDestinationPort()
         A port number that describes the destination port connecting to.
         
        uint32 destination_port = 6 [(.validate.rules) = { ... }
        Specified by:
        hasDestinationPort in interface PermissionOrBuilder
        Returns:
        Whether the destinationPort field is set.
      • getDestinationPort

        public int getDestinationPort()
         A port number that describes the destination port connecting to.
         
        uint32 destination_port = 6 [(.validate.rules) = { ... }
        Specified by:
        getDestinationPort in interface PermissionOrBuilder
        Returns:
        The destinationPort.
      • hasDestinationPortRange

        public boolean hasDestinationPortRange()
         A port number range that describes a range of destination ports connecting to.
         
        .envoy.type.v3.Int32Range destination_port_range = 11;
        Specified by:
        hasDestinationPortRange in interface PermissionOrBuilder
        Returns:
        Whether the destinationPortRange field is set.
      • getDestinationPortRange

        public Int32Range getDestinationPortRange()
         A port number range that describes a range of destination ports connecting to.
         
        .envoy.type.v3.Int32Range destination_port_range = 11;
        Specified by:
        getDestinationPortRange in interface PermissionOrBuilder
        Returns:
        The destinationPortRange.
      • hasMetadata

        public boolean hasMetadata()
         Metadata that describes additional information about the action.
         
        .envoy.type.matcher.v3.MetadataMatcher metadata = 7;
        Specified by:
        hasMetadata in interface PermissionOrBuilder
        Returns:
        Whether the metadata field is set.
      • getMetadata

        public MetadataMatcher getMetadata()
         Metadata that describes additional information about the action.
         
        .envoy.type.matcher.v3.MetadataMatcher metadata = 7;
        Specified by:
        getMetadata in interface PermissionOrBuilder
        Returns:
        The metadata.
      • hasNotRule

        public boolean hasNotRule()
         Negates matching the provided permission. For instance, if the value of
         ``not_rule`` would match, this permission would not match. Conversely, if
         the value of ``not_rule`` would not match, this permission would match.
         
        .envoy.config.rbac.v3.Permission not_rule = 8;
        Specified by:
        hasNotRule in interface PermissionOrBuilder
        Returns:
        Whether the notRule field is set.
      • getNotRule

        public Permission getNotRule()
         Negates matching the provided permission. For instance, if the value of
         ``not_rule`` would match, this permission would not match. Conversely, if
         the value of ``not_rule`` would not match, this permission would match.
         
        .envoy.config.rbac.v3.Permission not_rule = 8;
        Specified by:
        getNotRule in interface PermissionOrBuilder
        Returns:
        The notRule.
      • getNotRuleOrBuilder

        public PermissionOrBuilder getNotRuleOrBuilder()
         Negates matching the provided permission. For instance, if the value of
         ``not_rule`` would match, this permission would not match. Conversely, if
         the value of ``not_rule`` would not match, this permission would match.
         
        .envoy.config.rbac.v3.Permission not_rule = 8;
        Specified by:
        getNotRuleOrBuilder in interface PermissionOrBuilder
      • hasRequestedServerName

        public boolean hasRequestedServerName()
         The request server from the client's connection request. This is
         typically TLS SNI.
        
         .. attention::
        
         The behavior of this field may be affected by how Envoy is configured
         as explained below.
        
         * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
         filter is not added, and if a ``FilterChainMatch`` is not defined for
         the :ref:`server name
         <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
         a TLS connection's requested SNI server name will be treated as if it
         wasn't present.
        
         * A :ref:`listener filter <arch_overview_listener_filters>` may
         overwrite a connection's requested server name within Envoy.
        
         Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
         setup SNI.
         
        .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
        Specified by:
        hasRequestedServerName in interface PermissionOrBuilder
        Returns:
        Whether the requestedServerName field is set.
      • getRequestedServerName

        public StringMatcher getRequestedServerName()
         The request server from the client's connection request. This is
         typically TLS SNI.
        
         .. attention::
        
         The behavior of this field may be affected by how Envoy is configured
         as explained below.
        
         * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
         filter is not added, and if a ``FilterChainMatch`` is not defined for
         the :ref:`server name
         <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
         a TLS connection's requested SNI server name will be treated as if it
         wasn't present.
        
         * A :ref:`listener filter <arch_overview_listener_filters>` may
         overwrite a connection's requested server name within Envoy.
        
         Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
         setup SNI.
         
        .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
        Specified by:
        getRequestedServerName in interface PermissionOrBuilder
        Returns:
        The requestedServerName.
      • getRequestedServerNameOrBuilder

        public StringMatcherOrBuilder getRequestedServerNameOrBuilder()
         The request server from the client's connection request. This is
         typically TLS SNI.
        
         .. attention::
        
         The behavior of this field may be affected by how Envoy is configured
         as explained below.
        
         * If the :ref:`TLS Inspector <config_listener_filters_tls_inspector>`
         filter is not added, and if a ``FilterChainMatch`` is not defined for
         the :ref:`server name
         <envoy_v3_api_field_config.listener.v3.FilterChainMatch.server_names>`,
         a TLS connection's requested SNI server name will be treated as if it
         wasn't present.
        
         * A :ref:`listener filter <arch_overview_listener_filters>` may
         overwrite a connection's requested server name within Envoy.
        
         Please refer to :ref:`this FAQ entry <faq_how_to_setup_sni>` to learn to
         setup SNI.
         
        .envoy.type.matcher.v3.StringMatcher requested_server_name = 9;
        Specified by:
        getRequestedServerNameOrBuilder in interface PermissionOrBuilder
      • hasMatcher

        public boolean hasMatcher()
         Extension for configuring custom matchers for RBAC.
         [#extension-category: envoy.rbac.matchers]
         
        .envoy.config.core.v3.TypedExtensionConfig matcher = 12;
        Specified by:
        hasMatcher in interface PermissionOrBuilder
        Returns:
        Whether the matcher field is set.
      • getMatcher

        public TypedExtensionConfig getMatcher()
         Extension for configuring custom matchers for RBAC.
         [#extension-category: envoy.rbac.matchers]
         
        .envoy.config.core.v3.TypedExtensionConfig matcher = 12;
        Specified by:
        getMatcher in interface PermissionOrBuilder
        Returns:
        The matcher.
      • hasUriTemplate

        public boolean hasUriTemplate()
         URI template path matching.
         [#extension-category: envoy.path.match]
         
        .envoy.config.core.v3.TypedExtensionConfig uri_template = 13;
        Specified by:
        hasUriTemplate in interface PermissionOrBuilder
        Returns:
        Whether the uriTemplate field is set.
      • getUriTemplate

        public TypedExtensionConfig getUriTemplate()
         URI template path matching.
         [#extension-category: envoy.path.match]
         
        .envoy.config.core.v3.TypedExtensionConfig uri_template = 13;
        Specified by:
        getUriTemplate in interface PermissionOrBuilder
        Returns:
        The uriTemplate.
      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessage
      • writeTo

        public void writeTo​(com.google.protobuf.CodedOutputStream output)
                     throws java.io.IOException
        Specified by:
        writeTo in interface com.google.protobuf.MessageLite
        Overrides:
        writeTo in class com.google.protobuf.GeneratedMessage
        Throws:
        java.io.IOException
      • getSerializedSize

        public int getSerializedSize()
        Specified by:
        getSerializedSize in interface com.google.protobuf.MessageLite
        Overrides:
        getSerializedSize in class com.google.protobuf.GeneratedMessage
      • equals

        public boolean equals​(java.lang.Object obj)
        Specified by:
        equals in interface com.google.protobuf.Message
        Overrides:
        equals in class com.google.protobuf.AbstractMessage
      • hashCode

        public int hashCode()
        Specified by:
        hashCode in interface com.google.protobuf.Message
        Overrides:
        hashCode in class com.google.protobuf.AbstractMessage
      • parseFrom

        public static Permission parseFrom​(java.nio.ByteBuffer data)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(java.nio.ByteBuffer data,
                                           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(com.google.protobuf.ByteString data)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(com.google.protobuf.ByteString data,
                                           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(byte[] data)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(byte[] data,
                                           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                    throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException
      • parseFrom

        public static Permission parseFrom​(java.io.InputStream input)
                                    throws java.io.IOException
        Throws:
        java.io.IOException
      • parseFrom

        public static Permission parseFrom​(java.io.InputStream input,
                                           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                    throws java.io.IOException
        Throws:
        java.io.IOException
      • parseDelimitedFrom

        public static Permission parseDelimitedFrom​(java.io.InputStream input)
                                             throws java.io.IOException
        Throws:
        java.io.IOException
      • parseDelimitedFrom

        public static Permission parseDelimitedFrom​(java.io.InputStream input,
                                                    com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                             throws java.io.IOException
        Throws:
        java.io.IOException
      • parseFrom

        public static Permission parseFrom​(com.google.protobuf.CodedInputStream input)
                                    throws java.io.IOException
        Throws:
        java.io.IOException
      • parseFrom

        public static Permission parseFrom​(com.google.protobuf.CodedInputStream input,
                                           com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                    throws java.io.IOException
        Throws:
        java.io.IOException
      • newBuilderForType

        public Permission.Builder newBuilderForType()
        Specified by:
        newBuilderForType in interface com.google.protobuf.Message
        Specified by:
        newBuilderForType in interface com.google.protobuf.MessageLite
      • toBuilder

        public Permission.Builder toBuilder()
        Specified by:
        toBuilder in interface com.google.protobuf.Message
        Specified by:
        toBuilder in interface com.google.protobuf.MessageLite
      • newBuilderForType

        protected Permission.Builder newBuilderForType​(com.google.protobuf.AbstractMessage.BuilderParent parent)
        Overrides:
        newBuilderForType in class com.google.protobuf.AbstractMessage
      • getDefaultInstance

        public static Permission getDefaultInstance()
      • parser

        public static com.google.protobuf.Parser<Permission> parser()
      • getParserForType

        public com.google.protobuf.Parser<Permission> getParserForType()
        Specified by:
        getParserForType in interface com.google.protobuf.Message
        Specified by:
        getParserForType in interface com.google.protobuf.MessageLite
        Overrides:
        getParserForType in class com.google.protobuf.GeneratedMessage
      • getDefaultInstanceForType

        public Permission getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder