io.quarkus.security.PermissionChecker Maven / Gradle / Ivy
The newest version!
package io.quarkus.security;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* Annotation that can be used to annotate a CDI bean method that checks
* if a {@link io.quarkus.security.identity.SecurityIdentity} holds a permission specified by the {@link #value()}.
* For example:
*
* {@code
* @Path("hello")
* public class HelloResource {
*
* @PermissionsAllowed("speak")
* @GET
* public String sayHello() {
* return "Hello World!";
* }
*
* @PermissionChecker("speak")
* public boolean canSpeak(SecurityIdentity identity) {
* return "speaker".equals(identity.getPrincipal().getName());
* }
* }
* }
*
* The permission checker methods can include any of secured method parameters (matched by name).
* Consider the following secured method:
*
* {@code
* @PermissionsAllowed("update")
* public String updateString(String a, String b, String c, String d) {
* ...
* }
* }
*
* The permission checker that grants access to the {@code updateString} method can inject
* any arguments it requires and optionally even {@link io.quarkus.security.identity.SecurityIdentity}:
*
* {@code
* @PermissionChecker("update")
* public boolean canUpdate(String c, String a, SecurityIdentity identity) {
* ...
* }
* }
*
* The permission checker method parameters are matched with the secured method parameters in exactly same fashion
* as are constructor parameters of a custom permission. Please see {@link PermissionsAllowed#params()} for more information.
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface PermissionChecker {
/**
* Specifies a permission this checker grants.
*
* @see PermissionsAllowed#value()
* @return name of the permission this checker grants
*/
String value();
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy