Package com.linkedin.venice.controller

Class MockVeniceAuthorizer

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addAce​(Resource resource, AceEntry aceEntry)
      This will add a single AceEntry to the existing AceEntries for a resource.
      boolean canAccess​(Method method, Resource resource, Principal principal)
      Check if the principal has the permission to perform the method on the resource.
      boolean canAccess​(Method method, Resource resource, java.security.cert.X509Certificate accessorCert)
      Check if the principal has the permission to perform the method on the resource.
      void clearAcls​(Resource resource)
      This will clear the existing AceEntries for a resource.
      AclBinding describeAcls​(Resource resource)
      Return a list of existing AceEntries present for the given resource.
      void removeAce​(Resource resource, AceEntry aceEntry)
      This will remove a single AceEntry from the existing AceEntries for a resource.
      void setAcls​(AclBinding aclBinding)
      This will set the AceEntries in provided AclBinding object to be the current set of ACL's for the resource.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • setAclsCounter

        public int setAclsCounter

      • clearAclCounter

        public int clearAclCounter

    • Constructor Detail

      • MockVeniceAuthorizer

        public MockVeniceAuthorizer()

    • Method Detail

      • canAccess

        public boolean canAccess​(Method method,
                         Resource resource,
                         Principal principal)
        Description copied from interface: AuthorizerService
        Check if the principal has the permission to perform the method on the resource. Implementation should define how to handle duplicate/conflicting ACE entries present for the resource and also how to handle presence of no AceEntries for a resource.
        Specified by:
        canAccess in interface AuthorizerService
        Parameters:
        method - what method is being performed.
        resource - what resource the method is being performed
        principal - who is performing the method on the resource.
        Returns:
        true if principal has the permission to perform the method on the resource, otherwise return false.

      • canAccess

        public boolean canAccess​(Method method,
                         Resource resource,
                         java.security.cert.X509Certificate accessorCert)
        Description copied from interface: AuthorizerService
        Check if the principal has the permission to perform the method on the resource. Implementation should define how to handle duplicate/conflicting ACE entries present for the resource and also how to handle presence of no AceEntries for a resource.
        Specified by:
        canAccess in interface AuthorizerService
        Parameters:
        method - what method is being performed.
        resource - what resource the method is being performed
        accessorCert - who is performing the method on the resource.
        Returns:
        true if principal has the permission to perform the method on the resource, otherwise return false.

      • describeAcls

        public AclBinding describeAcls​(Resource resource)
        Description copied from interface: AuthorizerService
        Return a list of existing AceEntries present for the given resource. Implementations should return an empty AclBinding object when no acl's are present for the resource.
        Specified by:
        describeAcls in interface AuthorizerService
        Returns:
        AclBinding object containg the list of existing aceEntries. The AceEntry list may be empty if there is no existing ACL's provisioned.

      • setAcls

        public void setAcls​(AclBinding aclBinding)
        Description copied from interface: AuthorizerService
        This will set the AceEntries in provided AclBinding object to be the current set of ACL's for the resource. This performs an overwrite operation. An empty AceEntries list will clear all acls and achieve a similar result like AuthorizerService.clearAcls(Resource).
        Specified by:
        setAcls in interface AuthorizerService
        Parameters:
        aclBinding - A fully contained object having a list of AceEntries associated with the resource.

      • clearAcls

        public void clearAcls​(Resource resource)
        Description copied from interface: AuthorizerService
        This will clear the existing AceEntries for a resource.
        Specified by:
        clearAcls in interface AuthorizerService
        Parameters:
        resource - the resource for which all ACl's will be cleared.

      • addAce

        public void addAce​(Resource resource,
                   AceEntry aceEntry)
        Description copied from interface: AuthorizerService
        This will add a single AceEntry to the existing AceEntries for a resource. Implementation may or may not allow duplicate/conflicting entries. Implementation may throw any necessary error/exception.
        Specified by:
        addAce in interface AuthorizerService
        Parameters:
        resource - The resource for which an AceEntry is getting added.
        aceEntry - The AceEntry to be removed.

      • removeAce

        public void removeAce​(Resource resource,
                      AceEntry aceEntry)
        Description copied from interface: AuthorizerService
        This will remove a single AceEntry from the existing AceEntries for a resource. Implementation should define how to handle removal in case duplicate AceEntries are allowed. The equivalence check should do exact match of all fields of the AceEntry object. Implementation may throw any necessary error/exception.
        Specified by:
        removeAce in interface AuthorizerService
        Parameters:
        resource - The resource for which an AceEntry is getting removed.
        aceEntry - The AceEntry to be removed.