public interface AciTargetMatchContext
Modifier and Type | Method and Description |
---|---|
void |
addTargAttrFiltersMatchAci(Aci aci)
Add the specified ACI to a list of ACIs that have a targattrfilters rule
that matched.
|
void |
clearEvalAttributes(int v)
Used to clear the mask used to detect if access checking needs to be
performed on individual attributes types.
|
String |
getControlOID()
Return the OID (Object Identifier) string of the control being evaluated.
|
org.forgerock.opendj.ldap.schema.AttributeType |
getCurrentAttributeType()
Get the current attribute type being evaluated.
|
org.forgerock.opendj.ldap.ByteString |
getCurrentAttributeValue()
The current attribute type value being evaluated.
|
String |
getExtOpOID()
Return The OID (Object Identifier) string of the extended operation being
evaluated.
|
Entry |
getResourceEntry()
Get the entry being evaluated.
|
int |
getRights()
Return the rights for this container's LDAP operation.
|
boolean |
getTargAttrFiltersMatch()
Return the value of the targAttrFiltersMatch variable.
|
boolean |
hasEntryTestRule()
True if an entry test rule was found.
|
boolean |
hasEvalOpAttributes()
Return true if the evaluating ACI either contained an explicitly defined
operational attribute type in a targetattr target rule or both a targetattr
all operational attributes rule matched and a explicitly defined targetattr
target rule matched.
|
boolean |
hasEvalUserAttributes()
Return true if the evaluating ACI either contained an explicitly defined
user attribute type in a targeattr target rule or both a targetattr all
user attributes rule matched and a explicitly defined targetattr target rule
matched.
|
boolean |
hasRights(int rights)
Checks if the container's rights has the specified rights.
|
boolean |
isFirstAttribute()
True if the first attribute of the resource entry is being evaluated.
|
boolean |
isGetEffectiveRightsEval()
Returns true of a match context is performing a geteffectiverights
evaluation.
|
void |
setAllowList(List<Aci> allowList)
Set the allow ACI list.
|
void |
setCurrentAttributeType(org.forgerock.opendj.ldap.schema.AttributeType type)
Set the attribute type to be evaluated.
|
void |
setCurrentAttributeValue(org.forgerock.opendj.ldap.ByteString v)
Set the attribute value to be evaluated.
|
void |
setDenyList(List<Aci> denyList)
Set the deny ACI list.
|
void |
setEntryTestRule(boolean val)
True if the target matching code found an entry test rule.
|
void |
setEvalOpAttributes(int v)
This method toggles a mask that indicates that access checking of
individual operational attributes may or may not be skipped depending
on if there is a single ACI containing a targetattr all operational
attributes rule (targetattr="+").
|
void |
setEvalUserAttributes(int v)
This method toggles a mask that indicates that access checking of
individual user attributes may or may not be skipped depending
on if there is a single ACI containing a targetattr all user
attributes rule (targetattr="*").
|
void |
setIsFirstAttribute(boolean isFirst)
Set to true if the first attribute of the resource entry is
being evaluated.
|
void |
setRights(int rights)
Set the rights of the container to the specified rights.
|
void |
setTargAttrFiltersAciName(String name)
Save the name of the last ACI that matched a targattrfilters rule.
|
void |
setTargAttrFiltersMatch(boolean v)
Set to true if the ACI had a targattrfilter rule that matched.
|
void setDenyList(List<Aci> denyList)
denyList
- The deny ACI list.void setAllowList(List<Aci> allowList)
allowList
- The list of allow ACIs.Entry getResourceEntry()
org.forgerock.opendj.ldap.schema.AttributeType getCurrentAttributeType()
org.forgerock.opendj.ldap.ByteString getCurrentAttributeValue()
boolean isFirstAttribute()
void setIsFirstAttribute(boolean isFirst)
isFirst
- True if this is the first attribute of the
resource entry being evaluated.void setCurrentAttributeType(org.forgerock.opendj.ldap.schema.AttributeType type)
type
- The attribute type to set to.void setCurrentAttributeValue(org.forgerock.opendj.ldap.ByteString v)
v
- The current attribute value to set to.void setEntryTestRule(boolean val)
val
- True if an entry test rule was found.boolean hasEntryTestRule()
int getRights()
String getControlOID()
String getExtOpOID()
boolean hasRights(int rights)
rights
- The rights to check for.void setRights(int rights)
rights
- The rights to set the container's rights to.void setTargAttrFiltersMatch(boolean v)
v
- The value to use.boolean getTargAttrFiltersMatch()
void addTargAttrFiltersMatchAci(Aci aci)
aci
- The ACI to save.void setTargAttrFiltersAciName(String name)
name
- The ACI's name to save.boolean isGetEffectiveRightsEval()
void setEvalUserAttributes(int v)
v
- The mask to this value.void setEvalOpAttributes(int v)
v
- The mask to this value.boolean hasEvalUserAttributes()
boolean hasEvalOpAttributes()
void clearEvalAttributes(int v)
v
- The flag to clear or 0 to set the mask to 0.Copyright © 2010-2017 ForgeRock AS. All Rights Reserved.