001package com.identityworksllc.iiq.common.plugin; 002 003import sailpoint.authorization.UnauthorizedAccessException; 004import sailpoint.tools.GeneralException; 005 006/** 007 * A functional interface to handle plugin REST API authorization. 008 * 009 * You may invoke this in your class that extends {@link BaseCommonPluginResource} 010 * by passing it to {@link BaseCommonPluginResource#setPluginAuthorizationCheck(PluginAuthorizationCheck)} 011 * in the class's constructor. Any supplied {@link PluginAuthorizationCheck} will be invoked at the start of `handle()`. 012 * 013 * Your plugin class can also _implement_ this interface, with the same effect. 014 */ 015@FunctionalInterface 016public interface PluginAuthorizationCheck { 017 /** 018 * Executes the authorization check, intended to throw a {@link UnauthorizedAccessException} if not allowed 019 * 020 * @throws UnauthorizedAccessException If anything fails 021 * @throws GeneralException if anything goes wrong 022 */ 023 void checkAccess() throws GeneralException; 024}