001package com.identityworksllc.iiq.common.plugin;
002
003import sailpoint.authorization.UnauthorizedAccessException;
004import sailpoint.tools.GeneralException;
005
006/**
007 * A functional interface to handle plugin REST API authorization.
008 *
009 * You may invoke this in your class that extends {@link BaseCommonPluginResource}
010 * by passing it to {@link BaseCommonPluginResource#setPluginAuthorizationCheck(PluginAuthorizationCheck)}
011 * in the class's constructor. Any supplied {@link PluginAuthorizationCheck} will be invoked at the start of `handle()`.
012 *
013 * Your plugin class can also _implement_ this interface, with the same effect.
014 */
015@FunctionalInterface
016public interface PluginAuthorizationCheck {
017    /**
018     * Executes the authorization check, intended to throw a {@link UnauthorizedAccessException} if not allowed
019     *
020     * @throws UnauthorizedAccessException If anything fails
021     * @throws GeneralException            if anything goes wrong
022     */
023    void checkAccess() throws GeneralException;
024}