com.datahub.plugins.auth.authorization.Authorizer Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of datahub-auth-api Show documentation
Show all versions of datahub-auth-api Show documentation
DataHub Auth API for developers to write custom Authentication & Authorization plugins for DataHub
package com.datahub.plugins.auth.authorization;
import com.datahub.authorization.AuthorizationRequest;
import com.datahub.authorization.AuthorizationResult;
import com.datahub.authorization.AuthorizedActors;
import com.datahub.authorization.AuthorizerContext;
import com.datahub.authorization.EntitySpec;
import com.datahub.plugins.Plugin;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Nonnull;
/**
* An Authorizer is responsible for determining whether an actor should be granted a specific
* privilege.
*/
public interface Authorizer extends Plugin {
/**
* Initialize the Authorizer. Invoked once at boot time.
*
* @param authorizerConfig config provided to the authenticator derived from the Metadata Service
* YAML config. This config comes from the "authorization.authorizers.config" configuration.
*/
void init(
@Nonnull final Map authorizerConfig, @Nonnull final AuthorizerContext ctx);
/** Authorizes an action based on the actor, the resource, and required privileges. */
AuthorizationResult authorize(@Nonnull final AuthorizationRequest request);
/**
* Retrieves the current list of actors authorized to for a particular privilege against an
* optional resource
*/
AuthorizedActors authorizedActors(
final String privilege, final Optional resourceSpec);
}