• Home
• org.wildfly.security
• wildfly-elytron
• 2.6.0.Final
• source code
• RoleMapper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.wildfly.security.authz.RoleMapper Maven / Gradle / Ivy

/*
 * JBoss, Home of Professional Open Source
 *
 * Copyright 2013 Red Hat, Inc. and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.wildfly.security.authz;

import org.wildfly.common.Assert;

/**
 * A role mapper is responsible for mapping roles based on their raw form.
 * 

 * Roles are basically represented as {@link String} values, where these values are their names. Role mapping allows to transform roles
 * from their raw form (eg.: just like they were loaded from a identity store such as a database or LDAP server) in a more consistent
 * form.
 *
 * @author Pedro Igor
 */
@FunctionalInterface
public interface RoleMapper {

    /**
     * Returns a set of strings representing the roles mapped from the given roles in their raw form.
     *
     * @param rolesToMap the roles in their raw form to apply mapping
     * @return the mapped role set
     */
    Roles mapRoles(Roles rolesToMap);

    /**
     * A default implementation that does nothing but return the given roles.
     */
    RoleMapper IDENTITY_ROLE_MAPPER = rolesToMap -> rolesToMap;

    /**
     * Create a role mapper which is the intersection (logical "and") of the results of this and the given role mapper.
     *
     * @param other the other role mapper
     * @return the intersection role mapper
     */
    default RoleMapper and(RoleMapper other) {
        Assert.checkNotNullParam("other", other);
        return rolesToMap -> mapRoles(rolesToMap).and(other.mapRoles(rolesToMap));
    }

    /**
     * Create a role mapper which is the union (logical "or") of the results of this and the given role mapper.
     *
     * @param other the other role mapper
     * @return the union role mapper
     */
    default RoleMapper or(RoleMapper other) {
        Assert.checkNotNullParam("other", other);
        return rolesToMap -> mapRoles(rolesToMap).or(other.mapRoles(rolesToMap));
    }

    /**
     * Create a role mapper which is the symmetric difference (or disjunction, or logical "xor") of the results of this
     * and the given role mapper.
     *
     * @param other the other role mapper
     * @return the difference role mapper
     */
    default RoleMapper xor(RoleMapper other) {
        Assert.checkNotNullParam("other", other);
        return rolesToMap -> mapRoles(rolesToMap).xor(other.mapRoles(rolesToMap));
    }

    /**
     * Create a role mapper which contains all the roles mapped by this mapper, minus the roles mapped by the given
     * role mapper.
     *
     * @param other the other role mapper
     * @return the difference role mapper
     */
    default RoleMapper minus(RoleMapper other) {
        Assert.checkNotNullParam("other", other);
        return rolesToMap -> mapRoles(rolesToMap).minus(other.mapRoles(rolesToMap));
    }

    /**
     * Create an aggregate role mapper.  Each role mapper is applied in order.
     *
     * @param mapper1 the first role mapper to apply (must not be {@code null})
     * @param mapper2 the second role mapper to apply (must not be {@code null})
     * @return the aggregate role mapper (not {@code null})
     */
    static RoleMapper aggregate(RoleMapper mapper1, RoleMapper mapper2) {
        Assert.checkNotNullParam("mapper1", mapper1);
        Assert.checkNotNullParam("mapper2", mapper2);
        return rolesToMap -> mapper2.mapRoles(mapper1.mapRoles(rolesToMap));
    }

    /**
     * Create an aggregate role mapper.  Each role mapper is applied in order.
     *
     * @param mappers the role mappers to apply (most not be {@code null} or contain {@code null} elements)
     * @return the aggregate role mapper (not {@code null})
     */
    static RoleMapper aggregate(RoleMapper... mappers) {
        Assert.checkNotNullParam("mappers", mappers);
        final RoleMapper[] clone = mappers.clone();
        for (int i = 0; i < clone.length; i++) {
            Assert.checkNotNullArrayParam("mappers", i, clone[i]);
        }
        return rolesToMap -> {
            for (RoleMapper r : clone) rolesToMap = r.mapRoles(rolesToMap);
            return rolesToMap;
        };
    }

    /**
     * Create a role mapper that always returns the same set of roles regardless of the input.
     *
     * @param roles the set of roles to always be returned (must not be {@code null})
     * @return the constant role mapper (not {@code null})
     */
    static RoleMapper constant(Roles roles) {
        Assert.checkNotNullParam("roles", roles);
        return rolesToMap -> roles;
    }
}