Package com.identityworksllc.iiq.common.access

Class AccessCheckInput

    • Constructor Detail

      • AccessCheckInput

        public AccessCheckInput()
        Constructs a basic access check input

      • AccessCheckInput

        public AccessCheckInput​(sailpoint.web.UserContext userContext,
                        CommonSecurityConfig config)
        Access check input taking a plugin or target
        Parameters:
        userContext - The user context (likely a BasePluginResource)
        config - The config

      • AccessCheckInput

        public AccessCheckInput​(sailpoint.web.UserContext userContext,
                        sailpoint.object.Identity target,
                        CommonSecurityConfig config)
        Access check input taking a plugin or target
        Parameters:
        userContext - The user context (likely a BasePluginResource)
        target - The target
        config - The config

      • AccessCheckInput

        public AccessCheckInput​(sailpoint.web.UserContext userContext,
                        sailpoint.object.Identity target,
                        String thingName,
                        CommonSecurityConfig config)
        Access check input taking a plugin or target
        Parameters:
        userContext - The user context (likely a BasePluginResource)
        target - The target
        thingName - The thing name
        config - The config

      • AccessCheckInput

        public AccessCheckInput​(sailpoint.web.UserContext userContext,
                        sailpoint.object.Identity target,
                        String thingName,
                        CommonSecurityConfig config,
                        Map<String,​Object> state)
        Access check input taking a plugin or target
        Parameters:
        userContext - The user context (likely a BasePluginResource or DummyAuthContext)
        target - The target
        thingName - The thing name
        config - The config
        state - Any persistent state in the access checks

    • Method Detail

      • getTarget

        public sailpoint.object.Identity getTarget()
                                    throws sailpoint.tools.GeneralException
        Gets the stored target Identity if one exists.

        If one does not exist, returns the subject Identity.

        Returns:
        The target Identity
        Throws:
        sailpoint.tools.GeneralException - if anything fails

      • getThingName

        public String getThingName()
        Gets the currently configured thing name
        Returns:
        The configured thing name

      • getUserContext

        public sailpoint.web.UserContext getUserContext()
        Gets the user context
        Returns:
        The user context, containing the subject user

      • isDebug

        public boolean isDebug()
        Returns the value of the debug flag on this access check request
        Returns:
        The debug flag

      • putState

        public AccessCheckInput putState​(String name,
                                 Object value)
        Puts a value into the access check state map
        Parameters:
        name - The key
        value - The value
        Returns:
        This object, for chaining

      • setDebug

        public AccessCheckInput setDebug​(boolean debug)
        Sets the debug flag on the access check
        Parameters:
        debug - The debug flag to set

      • setPluginResource

        @Deprecated
public AccessCheckInput setPluginResource​(sailpoint.rest.plugin.BasePluginResource pluginResource)
                                   throws sailpoint.tools.GeneralException
        Deprecated.
        Sets the plugin resource, simply forwarding to setUserContext(UserContext), because BasePluginResource is an instance of UserContext.
        Parameters:
        pluginResource - The plugin resource to set
        Returns:
        This object, for chaining
        Throws:
        sailpoint.tools.GeneralException - if a targetName has been set and loading the Identity fails

      • setState

        public AccessCheckInput setState​(Map<String,​Object> state)
        Sets the state map, which will be provided to any access check rules or access check scripts.
        Parameters:
        state - The access check state to set; this map will be copied
        Returns:
        This object, for chaining

      • setTarget

        public AccessCheckInput setTarget​(sailpoint.object.Identity target)
        Sets the target Identity and target name
        Parameters:
        target - The target Identity
        Returns:
        This object, for chaining

      • setTarget

        public AccessCheckInput setTarget​(String targetName)
        Sets the target name or ID.

        This will be resolved to an Identity on the first call to getTarget().

        Parameters:
        targetName - The target’s name or ID
        Returns:
        This object, for chaining

      • setThingName

        public AccessCheckInput setThingName​(String thingName)
        Sets the thing name, for caching and display purposes
        Parameters:
        thingName - The thing name
        Returns:
        This object, for chaining

      • setUserContext

        public AccessCheckInput setUserContext​(sailpoint.web.UserContext userContext)
        Sets the user context, containing the ‘subject’ of the access check
        Parameters:
        userContext - The context specifying the subject of the access check
        Returns:
        This object, for chaining