org.wildfly.security.permission.ElytronPermission Maven / Gradle / Ivy
/*
* JBoss, Home of Professional Open Source.
* Copyright 2014 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.permission;
import org.wildfly.common.Assert;
import org.wildfly.security.util.StringEnumeration;
import org.wildfly.security.util.StringMapping;
/**
* A general Elytron permission. The permission {@code name} must be one of the following:
*
* - {@code authenticate}
* - {@code createAuthenticator}
* - {@code createAuthenticationContextConfigurationClient}
* - {@code createSecurityDomain}
* - {@code createSecurityRealm}
* - {@code registerSecurityDomain}
* - {@code getSecurityDomain}
* - {@code unregisterSecurityDomain}
* - {@code setRunAsPrincipal}
* - {@code createServerAuthenticationContext}
* - {@code getPrivateCredentials}
* - {@code getIdentity}
* - {@code getIdentityForUpdate}
* - {@code createAdHocIdentity}
* - {@code withDefaultRoleMapper}
* - {@code handleSecurityEvent}
*
* The {@code actions} are not used and should be empty or {@code null}.
*
* @author David M. Lloyd
*/
public final class ElytronPermission extends AbstractNameSetOnlyPermission {
private static final long serialVersionUID = 6124294238228442419L;
private static final StringEnumeration strings = StringEnumeration.of(
"authenticate",
"createAuthenticator",
"createAuthenticationContextConfigurationClient",
"createSecurityDomain",
"createSecurityRealm",
"registerSecurityDomain",
"getSecurityDomain",
"unregisterSecurityDomain",
"setRunAsPrincipal",
"createServerAuthenticationContext",
"getPrivateCredentials",
"getIdentity",
"getIdentityForUpdate",
"createAdHocIdentity",
"withDefaultRoleMapper",
"handleSecurityEvent"
);
static final StringMapping mapping = new StringMapping<>(strings, ElytronPermission::new);
private static final ElytronPermission allPermission = new ElytronPermission("*");
/**
* Construct a new instance.
*
* @param name the name of the permission
*/
public ElytronPermission(final String name) {
this(name, null);
}
/**
* Construct a new instance.
*
* @param name the name of the permission
* @param actions the actions (should be empty)
*/
public ElytronPermission(final String name, final String actions) {
super(name, strings);
requireEmptyActions(actions);
}
public ElytronPermission withName(final String name) {
return forName(name);
}
/**
* Get the permission with the given name.
*
* @param name the name (must not be {@code null})
* @return the permission (not {@code null})
* @throws IllegalArgumentException if the name is not valid
*/
public static ElytronPermission forName(final String name) {
Assert.checkNotNullParam("name", name);
return name.equals("*") ? allPermission : mapping.getItemByString(name);
}
}