Package org.casbin.jcasbin.rbac
Class DefaultRoleManager
java.lang.Object
org.casbin.jcasbin.rbac.DefaultRoleManager
- All Implemented Interfaces:
RoleManager
- Direct Known Subclasses:
ConditionalRoleManager
,GroupRoleManager
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final String
(package private) BiPredicate
<String, String> private SyncedLRUCache
<String, Boolean> (package private) final int
-
Constructor Summary
ConstructorsConstructorDescriptionDefaultRoleManager
(int maxHierarchyLevel) DefaultRoleManager is the constructor for creating an instance of the default RoleManager implementation.DefaultRoleManager
(int maxHierarchyLevel, BiPredicate<String, String> matchingFunc, BiPredicate<String, String> domainMatchingFunc) In order to use a specific role name matching function, set explicitly the role manager on the Enforcer and rebuild role links (you can optimize by using minimal enforcer constructor). -
Method Summary
Modifier and TypeMethodDescriptionvoid
addDomainMatchingFunc
(String name, BiPredicate<String, String> domainMatchingFunc) addDomainMatchingFunc support use domain pattern in gvoid
addLink adds the inheritance link between role: name1 and role: name2.void
addMatchingFunc
(String name, BiPredicate<String, String> matchingFunc) addMatchingFunc support use pattern in g.void
clear()
clear clears all stored data and resets the role manager to the initial state.(package private) void
copyFrom
(DefaultRoleManager other) void
deleteLink
(String name1, String name2, String... domain) deleteLink deletes the inheritance link between role: name1 and role: name2.(package private) Role
getRoles gets the roles that a subject inherits.getUsers gets the users that inherits a subject.boolean
hasLink determines whether role: name1 inherits role: name2.private boolean
hasLinkHelper
(String targetName, Map<String, Role> roles, int level) (package private) boolean
void
printRoles prints all the roles to log.private void
rebuild()
(package private) void
removeRole
(String name) toString()
-
Field Details
-
DEFAULT_DOMAIN
- See Also:
-
allRoles
-
maxHierarchyLevel
final int maxHierarchyLevel -
matchingFunc
BiPredicate<String,String> matchingFunc -
matchingFuncCache
-
-
Constructor Details
-
DefaultRoleManager
public DefaultRoleManager(int maxHierarchyLevel) DefaultRoleManager is the constructor for creating an instance of the default RoleManager implementation.- Parameters:
maxHierarchyLevel
- the maximized allowed RBAC hierarchy level.
-
DefaultRoleManager
public DefaultRoleManager(int maxHierarchyLevel, BiPredicate<String, String> matchingFunc, BiPredicate<String, String> domainMatchingFunc) In order to use a specific role name matching function, set explicitly the role manager on the Enforcer and rebuild role links (you can optimize by using minimal enforcer constructor).final Enforcer e = new Enforcer("model.conf"); e.setAdapter(new FileAdapter("policies.csv")); e.setRoleManager(new DefaultRoleManager(10, BuiltInFunctions::domainMatch)); e.loadPolicy();
- Parameters:
maxHierarchyLevel
- the maximized allowed RBAC hierarchy level.matchingFunc
- a matcher for supporting pattern in gdomainMatchingFunc
- a matcher for supporting domain pattern in g
-
-
Method Details
-
addMatchingFunc
addMatchingFunc support use pattern in g.- Parameters:
name
- the name of the matching function.matchingFunc
- the matching function.
-
addDomainMatchingFunc
addDomainMatchingFunc support use domain pattern in g- Parameters:
name
- the name of the domain matching function.domainMatchingFunc
- the domain matching function.
-
rebuild
private void rebuild() -
match
-
getRole
-
removeRole
-
copyFrom
-
clear
public void clear()clear clears all stored data and resets the role manager to the initial state.- Specified by:
clear
in interfaceRoleManager
-
addLink
addLink adds the inheritance link between role: name1 and role: name2. aka role: name1 inherits role: name2. domain is a prefix to the roles.- Specified by:
addLink
in interfaceRoleManager
- Parameters:
name1
- the first role (or user).name2
- the second role.domain
- the domain the roles belong to.
-
deleteLink
deleteLink deletes the inheritance link between role: name1 and role: name2. aka role: name1 does not inherit role: name2 any more. domain is a prefix to the roles.- Specified by:
deleteLink
in interfaceRoleManager
- Parameters:
name1
- the first role (or user).name2
- the second role.domain
- the domain the roles belong to.
-
hasLink
hasLink determines whether role: name1 inherits role: name2. domain is a prefix to the roles.- Specified by:
hasLink
in interfaceRoleManager
- Parameters:
name1
- the first role (or a user).name2
- the second role.domain
- the domain the roles belong to.- Returns:
- whether name1 inherits name2 (name1 has role name2).
-
hasLinkHelper
-
getRoles
getRoles gets the roles that a subject inherits. domain is a prefix to the roles.- Specified by:
getRoles
in interfaceRoleManager
- Parameters:
name
- the user (or a role).domain
- the domain the roles belong to.- Returns:
- the roles.
-
getUsers
getUsers gets the users that inherits a subject.- Specified by:
getUsers
in interfaceRoleManager
- Parameters:
name
- the role.domain
- is a prefix to the users (can be used for other purposes).- Returns:
- the users.
-
toString
-
printRoles
public void printRoles()printRoles prints all the roles to log.- Specified by:
printRoles
in interfaceRoleManager
-