public interface AciTargetMatchContext
Modifier and Type | Method and Description |
---|---|
void |
addTargAttrFiltersMatchAci(Aci aci)
Add the specified ACI to a list of ACIs that have a targattrfilters rule that matched.
|
void |
clearEvalAttributes(int v)
Used to clear the mask used to detect if access checking needs to be performed on individual attributes types.
|
String |
getControlOID()
Return the OID (Object Identifier) string of the control being evaluated.
|
AttributeType |
getCurrentAttributeType()
Get the current attribute type being evaluated.
|
ByteString |
getCurrentAttributeValue()
The current attribute type value being evaluated.
|
String |
getExtOpOID()
Return The OID (Object Identifier) string of the extended operation being evaluated.
|
Entry |
getResourceEntry()
Get the entry being evaluated.
|
int |
getRights()
Return the rights for this container's LDAP operation.
|
boolean |
getTargAttrFiltersMatch()
Return the value of the targAttrFiltersMatch variable.
|
boolean |
hasEntryTestRule()
True if an entry test rule was found.
|
boolean |
hasEvalOpAttributes()
Return true if the evaluating ACI either contained an explicitly defined operational attribute type in a
targetattr target rule or both a targetattr all operational attributes rule matched and a explicitly defined
targetattr target rule matched.
|
boolean |
hasEvalUserAttributes()
Return true if the evaluating ACI either contained an explicitly defined user attribute type in a targeattr
target rule or both a targetattr all user attributes rule matched and a explicitly defined targetattr target rule
matched.
|
boolean |
hasRights(int rights)
Checks if the container's rights has the specified rights.
|
boolean |
isFirstAttribute()
True if the first attribute of the resource entry is being evaluated.
|
boolean |
isGetEffectiveRightsEval()
Returns true of a match context is performing a geteffectiverights evaluation.
|
void |
setAllowList(List<Aci> allowList)
Set the allow ACI list.
|
void |
setCurrentAttributeType(AttributeType type)
Set the attribute type to be evaluated.
|
void |
setCurrentAttributeValue(ByteString v)
Set the attribute value to be evaluated.
|
void |
setDenyList(List<Aci> denyList)
Set the deny ACI list.
|
void |
setEntryTestRule(boolean val)
True if the target matching code found an entry test rule.
|
void |
setEvalOpAttributes(int v)
This method toggles a mask that indicates that access checking of individual operational attributes may or may
not be skipped depending on if there is a single ACI containing a targetattr all operational attributes rule
(targetattr="+").
|
void |
setEvalUserAttributes(int v)
This method toggles a mask that indicates that access checking of individual user attributes may or may not be
skipped depending on if there is a single ACI containing a targetattr all user attributes rule (targetattr="*").
|
void |
setIsFirstAttribute(boolean isFirst)
Set to true if the first attribute of the resource entry is being evaluated.
|
void |
setRights(int rights)
Set the rights of the container to the specified rights.
|
void |
setTargAttrFiltersAciName(String name)
Save the name of the last ACI that matched a targattrfilters rule.
|
void |
setTargAttrFiltersMatch(boolean v)
Set to true if the ACI had a targattrfilter rule that matched.
|
void setDenyList(List<Aci> denyList)
denyList
- The deny ACI list.void setAllowList(List<Aci> allowList)
allowList
- The list of allow ACIs.Entry getResourceEntry()
AttributeType getCurrentAttributeType()
ByteString getCurrentAttributeValue()
boolean isFirstAttribute()
void setIsFirstAttribute(boolean isFirst)
isFirst
- True if this is the first attribute of the resource entry being evaluated.void setCurrentAttributeType(AttributeType type)
type
- The attribute type to set to.void setCurrentAttributeValue(ByteString v)
v
- The current attribute value to set to.void setEntryTestRule(boolean val)
val
- True if an entry test rule was found.boolean hasEntryTestRule()
int getRights()
String getControlOID()
String getExtOpOID()
boolean hasRights(int rights)
rights
- The rights to check for.void setRights(int rights)
rights
- The rights to set the container's rights to.void setTargAttrFiltersMatch(boolean v)
v
- The value to use.boolean getTargAttrFiltersMatch()
void addTargAttrFiltersMatchAci(Aci aci)
aci
- The ACI to save.void setTargAttrFiltersAciName(String name)
name
- The ACI's name to save.boolean isGetEffectiveRightsEval()
void setEvalUserAttributes(int v)
v
- The mask to this value.void setEvalOpAttributes(int v)
v
- The mask to this value.boolean hasEvalUserAttributes()
boolean hasEvalOpAttributes()
void clearEvalAttributes(int v)
v
- The flag to clear or 0 to set the mask to 0.Copyright 2010-2022 ForgeRock AS.