Class AccessCheckInput
- java.lang.Object
-
- com.identityworksllc.iiq.common.access.AccessCheckInput
-
public final class AccessCheckInput extends Object
Access check input
-
-
Constructor Summary
Constructors Constructor Description AccessCheckInput()
Constructs a basic access check inputAccessCheckInput(AccessCheckInput parent, CommonSecurityConfig config)
Copy constructor allowing override of an inputAccessCheckInput(sailpoint.web.UserContext userContext, CommonSecurityConfig config)
Access check input taking a plugin or targetAccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, CommonSecurityConfig config)
Access check input taking a plugin or targetAccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, String thingName, CommonSecurityConfig config)
Access check input taking a plugin or targetAccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, String thingName, CommonSecurityConfig config, Map<String,Object> state)
Access check input taking a plugin or target
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description CommonSecurityConfig
getConfiguration()
Gets the configuration objectsailpoint.web.UserContext
getPluginResource()
Deprecated.UsegetUserContext()
insteadMap<String,Object>
getState()
Gets the stateMap
sailpoint.object.Identity
getTarget()
Gets the stored target Identity if one exists.String
getThingName()
Gets the currently configured thing namesailpoint.web.UserContext
getUserContext()
Gets the user contextboolean
isDebug()
Returns the value of the debug flag on this access check requestAccessCheckInput
putState(String name, Object value)
Puts a value into the access check state mapAccessCheckInput
setConfiguration(CommonSecurityConfig configuration)
Sets the common security configurationAccessCheckInput
setConfiguration(Map<String,Object> configuration)
Sets the common security configuration as a Map, which will be decoded.AccessCheckInput
setDebug(boolean debug)
Sets the debug flag on the access checkAccessCheckInput
setPluginResource(sailpoint.rest.plugin.BasePluginResource pluginResource)
Deprecated.AccessCheckInput
setState(Map<String,Object> state)
Sets the state map, which will be provided to any access check rules or access check scripts.AccessCheckInput
setTarget(String targetName)
Sets the target name or ID.AccessCheckInput
setTarget(sailpoint.object.Identity target)
Sets the target Identity and target nameAccessCheckInput
setThingName(String thingName)
Sets the thing name, for caching and display purposesAccessCheckInput
setUserContext(sailpoint.web.UserContext userContext)
Sets the user context, containing the ‘subject’ of the access checkvoid
validate()
Validates the configuration before it executes
-
-
-
Constructor Detail
-
AccessCheckInput
public AccessCheckInput()
Constructs a basic access check input
-
AccessCheckInput
public AccessCheckInput(AccessCheckInput parent, CommonSecurityConfig config)
Copy constructor allowing override of an input- Parameters:
parent
- The parent configconfig
- The ‘child’ config to replace with
-
AccessCheckInput
public AccessCheckInput(sailpoint.web.UserContext userContext, CommonSecurityConfig config)
Access check input taking a plugin or target- Parameters:
userContext
- The user context (likely a BasePluginResource)config
- The config
-
AccessCheckInput
public AccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, CommonSecurityConfig config)
Access check input taking a plugin or target- Parameters:
userContext
- The user context (likely a BasePluginResource)target
- The targetconfig
- The config
-
AccessCheckInput
public AccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, String thingName, CommonSecurityConfig config)
Access check input taking a plugin or target- Parameters:
userContext
- The user context (likely a BasePluginResource)target
- The targetthingName
- The thing nameconfig
- The config
-
AccessCheckInput
public AccessCheckInput(sailpoint.web.UserContext userContext, sailpoint.object.Identity target, String thingName, CommonSecurityConfig config, Map<String,Object> state)
Access check input taking a plugin or target- Parameters:
userContext
- The user context (likely aBasePluginResource
orDummyAuthContext
)target
- The targetthingName
- The thing nameconfig
- The configstate
- Any persistent state in the access checks
-
-
Method Detail
-
getConfiguration
public CommonSecurityConfig getConfiguration()
Gets the configuration object- Returns:
- The common security configuration object
- See Also:
CommonSecurityConfig
-
getPluginResource
@Deprecated public sailpoint.web.UserContext getPluginResource()
Deprecated.UsegetUserContext()
instead- Returns:
- The configured plugin resource / user context
-
getTarget
public sailpoint.object.Identity getTarget() throws sailpoint.tools.GeneralException
Gets the stored target Identity if one exists.If one does not exist, returns the subject Identity.
- Returns:
- The target Identity
- Throws:
sailpoint.tools.GeneralException
- if anything fails
-
getThingName
public String getThingName()
Gets the currently configured thing name- Returns:
- The configured thing name
-
getUserContext
public sailpoint.web.UserContext getUserContext()
Gets the user context- Returns:
- The user context, containing the subject user
-
isDebug
public boolean isDebug()
Returns the value of the debug flag on this access check request- Returns:
- The debug flag
-
putState
public AccessCheckInput putState(String name, Object value)
Puts a value into the access check state map- Parameters:
name
- The keyvalue
- The value- Returns:
- This object, for chaining
-
setConfiguration
public AccessCheckInput setConfiguration(Map<String,Object> configuration) throws sailpoint.tools.GeneralException
Sets the common security configuration as a Map, which will be decoded.- Parameters:
configuration
- The configuration to decode and store- Returns:
- This object, for chaining
- Throws:
sailpoint.tools.GeneralException
- if the configuration cannot be decoded- See Also:
CommonSecurityConfig.decode(Map)
,ObjectMapper.decode(Map)
-
setConfiguration
public AccessCheckInput setConfiguration(CommonSecurityConfig configuration)
Sets the common security configuration- Parameters:
configuration
- The common security configuration- Returns:
- This object, for chaining
-
setDebug
public AccessCheckInput setDebug(boolean debug)
Sets the debug flag on the access check- Parameters:
debug
- The debug flag to set
-
setPluginResource
@Deprecated public AccessCheckInput setPluginResource(sailpoint.rest.plugin.BasePluginResource pluginResource) throws sailpoint.tools.GeneralException
Deprecated.Sets the plugin resource, simply forwarding tosetUserContext(UserContext)
, becauseBasePluginResource
is an instance ofUserContext
.- Parameters:
pluginResource
- The plugin resource to set- Returns:
- This object, for chaining
- Throws:
sailpoint.tools.GeneralException
- if a targetName has been set and loading the Identity fails
-
setState
public AccessCheckInput setState(Map<String,Object> state)
Sets the state map, which will be provided to any access check rules or access check scripts.- Parameters:
state
- The access check state to set; this map will be copied- Returns:
- This object, for chaining
-
setTarget
public AccessCheckInput setTarget(sailpoint.object.Identity target)
Sets the target Identity and target name- Parameters:
target
- The target Identity- Returns:
- This object, for chaining
-
setTarget
public AccessCheckInput setTarget(String targetName)
Sets the target name or ID.This will be resolved to an
Identity
on the first call togetTarget()
.- Parameters:
targetName
- The target’s name or ID- Returns:
- This object, for chaining
-
setThingName
public AccessCheckInput setThingName(String thingName)
Sets the thing name, for caching and display purposes- Parameters:
thingName
- The thing name- Returns:
- This object, for chaining
-
setUserContext
public AccessCheckInput setUserContext(sailpoint.web.UserContext userContext)
Sets the user context, containing the ‘subject’ of the access check- Parameters:
userContext
- The context specifying the subject of the access check- Returns:
- This object, for chaining
-
validate
public void validate() throws AccessCheckException
Validates the configuration before it executes- Throws:
AccessCheckException
- if validation fails
-
-