Package com.cedarpolicy

Class BasicAuthorizationEngine

java.lang.Object

com.cedarpolicy.BasicAuthorizationEngine

All Implemented Interfaces:

AuthorizationEngine

public final class BasicAuthorizationEngine
extends Object
implements AuthorizationEngine

An authorization engine that is compiled in process. Communicated with via JNI.

Constructor Summary

Constructors

Constructor	Description
BasicAuthorizationEngine()	Construct a basic authorization engine.

Method Summary

Modifier and Type	Method	Description
AuthorizationResponse	isAuthorized(AuthorizationRequest q, Slice slice)	Asks whether the given AuthorizationRequest q is approved by the policies and entity hierarchy given in the slice.
ValidationResponse	validate(ValidationRequest q)	Asks whether the policies in the given ValidationRequest q are correct when validated against the schema it describes.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

BasicAuthorizationEngine

public BasicAuthorizationEngine()

Construct a basic authorization engine.

Method Details

isAuthorized

public AuthorizationResponse isAuthorized(AuthorizationRequest q,
 Slice slice)
                                   throws AuthException

Description copied from interface: AuthorizationEngine

Asks whether the given AuthorizationRequest q is approved by the policies and entity hierarchy given in the slice.

Specified by:

isAuthorized in interface AuthorizationEngine

Parameters:

q - The request to evaluate

slice - The slice to evaluate against

Returns:

The result of the request evaluation

Throws:

AuthException - On failure to make the authorization request. Note that errors inside the authorization engine are included in the errors field on the AuthorizationResponse.

validate

public ValidationResponse validate(ValidationRequest q)
                            throws AuthException

Description copied from interface: AuthorizationEngine

Asks whether the policies in the given ValidationRequest q are correct when validated against the schema it describes.

Specified by:

validate in interface AuthorizationEngine

Parameters:

q - The request containing the policies to validate and the schema to validate them against.

Returns:

A ValidationResponse describing any validation errors found in the policies.

Throws:

BadRequestException - if any errors were found in the syntax of the policies.

AuthException - if any internal errors occurred while validating the policies.