Package com.cedarpolicy.model

Class AuthorizationResponse

java.lang.Object

com.cedarpolicy.model.AuthorizationResponse

public final class AuthorizationResponse
extends Object

The result of processing an AuthorizationRequest. The answer to the request is contained in the decision field. Decision will be set to NoDecision in the event of a parse error in submitted slice. The reasons field contains all the policies that caused Cedar to make a decision. The field advice contains the Advice String for each policy in reasons. The field errors contains a list of errors encountered during request processing. Some errors will still result in a decision being reached, please see the Cedar Spec for more information.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static enum	AuthorizationResponse.Decision	The three possible results of request evaluation.
static class	AuthorizationResponse.Diagnostics	The reasons and errors from a request evaluation.

Constructor Summary

Constructors

Constructor	Description
AuthorizationResponse(AuthorizationResponse.Decision decision, AuthorizationResponse.Diagnostics diagnostics)	Construct an authorization response.

Method Summary

Modifier and Type	Method	Description
AuthorizationResponse.Decision	getDecision()	Result of the request evaluation.
List<String>	getErrors()	Set of errors and warnings returned by Cedar.
Set<String>	getReasons()	Set of policyID's that caused the decision.
boolean	isAllowed()	Check authorization decision.
boolean	reachedDecision()	Check if the evaluator was able to reach a decision.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthorizationResponse

public AuthorizationResponse(AuthorizationResponse.Decision decision,
 AuthorizationResponse.Diagnostics diagnostics)

Construct an authorization response.

Parameters:

decision - authorization decision for the given request

diagnostics - a collection of policies that contributed to the result and any errors that might have happened during evaluation

Method Details

getDecision

public AuthorizationResponse.Decision getDecision()

Result of the request evaluation.

Returns:

AuthorizationResponse.Decision that contains the result for a given request

getReasons

public Set<String> getReasons()

Set of policyID's that caused the decision. For example, when a policy evaluates to Deny, all deny policies that evaluated to True will appear in Reasons.

Returns:

list with the policy ids that contributed to the decision

getErrors

public List<String> getErrors()

Set of errors and warnings returned by Cedar.

Returns:

list with errors that happened for a given Request

isAllowed

public boolean isAllowed()

Check authorization decision.

Returns:

true if the request evaluated to Allow.

reachedDecision

public boolean reachedDecision()

Check if the evaluator was able to reach a decision.

Returns:

true if the request evaluated to either Allow or Deny.