Package com.linkedin.venice.acl.handler

Class AbstractStoreAclHandler<REQUEST_TYPE>

  • All Implemented Interfaces:
    io.netty.channel.ChannelHandler, io.netty.channel.ChannelInboundHandler
    Direct Known Subclasses:
    RouterStoreAclHandler, ServerStoreAclHandler
    @Sharable
public abstract class AbstractStoreAclHandler<REQUEST_TYPE>
extends io.netty.channel.SimpleChannelInboundHandler<io.netty.handler.codec.http.HttpRequest>
    Store-level access control handler, which is being used by both Router and Server.

    • Nested Class Summary

      • Nested classes/interfaces inherited from interface io.netty.channel.ChannelHandler

        io.netty.channel.ChannelHandler.Sharable

    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      void channelRead0​(io.netty.channel.ChannelHandlerContext ctx, io.netty.handler.codec.http.HttpRequest req)
      Verify if client has permission to access.
      protected AccessResult checkAccess​(java.lang.String uri, java.security.cert.X509Certificate clientCert, java.lang.String storeName, java.lang.String method)  
      protected abstract java.lang.String extractStoreName​(REQUEST_TYPE requestType, java.lang.String[] requestParts)  
      protected boolean isAccessAlreadyApproved​(io.netty.channel.ChannelHandlerContext ctx)  
      protected abstract boolean needsAclValidation​(REQUEST_TYPE requestType)  
      protected abstract REQUEST_TYPE validateRequest​(java.lang.String[] requestParts)
      Validate the request and return the request type.

      • Methods inherited from class io.netty.channel.SimpleChannelInboundHandler

        acceptInboundMessage, channelRead

      • Methods inherited from class io.netty.channel.ChannelInboundHandlerAdapter

        channelActive, channelInactive, channelReadComplete, channelRegistered, channelUnregistered, channelWritabilityChanged, exceptionCaught, userEventTriggered

      • Methods inherited from class io.netty.channel.ChannelHandlerAdapter

        ensureNotSharable, handlerAdded, handlerRemoved, isSharable

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface io.netty.channel.ChannelHandler

        handlerAdded, handlerRemoved

    • Method Detail

      • channelRead0

        public void channelRead0​(io.netty.channel.ChannelHandlerContext ctx,
                         io.netty.handler.codec.http.HttpRequest req)
                  throws javax.net.ssl.SSLPeerUnverifiedException
        Verify if client has permission to access.
        Specified by:
        channelRead0 in class io.netty.channel.SimpleChannelInboundHandler<io.netty.handler.codec.http.HttpRequest>
        Parameters:
        ctx -
        req -
        Throws:
        javax.net.ssl.SSLPeerUnverifiedException

      • isAccessAlreadyApproved

        protected boolean isAccessAlreadyApproved​(io.netty.channel.ChannelHandlerContext ctx)

      • needsAclValidation

        protected abstract boolean needsAclValidation​(REQUEST_TYPE requestType)

      • extractStoreName

        protected abstract java.lang.String extractStoreName​(REQUEST_TYPE requestType,
                                                     java.lang.String[] requestParts)

      • validateRequest

        protected abstract REQUEST_TYPE validateRequest​(java.lang.String[] requestParts)
        Validate the request and return the request type. If the request is invalid, return null
        Parameters:
        requestParts - the parts of the request URI
        Returns:
        the request type; null if the request is invalid

      • checkAccess

        protected AccessResult checkAccess​(java.lang.String uri,
                                   java.security.cert.X509Certificate clientCert,
                                   java.lang.String storeName,
                                   java.lang.String method)