Package com.datahub.plugins.auth.authorization

Interface Authorizer

All Superinterfaces:

Plugin

public interface Authorizer
extends Plugin

An Authorizer is responsible for determining whether an actor should be granted a specific privilege.

Method Summary

Modifier and Type	Method	Description
AuthorizationResult	authorize(AuthorizationRequest request)	Authorizes an action based on the actor, the resource, and required privileges.
AuthorizedActors	authorizedActors(String privilege, Optional<EntitySpec> resourceSpec)	Retrieves the current list of actors authorized to for a particular privilege against an optional resource
void	init(Map<String,Object> authorizerConfig, AuthorizerContext ctx)	Initialize the Authorizer.

Method Details

init

void init(@Nonnull
 Map<String,Object> authorizerConfig,
 @Nonnull
 AuthorizerContext ctx)

Initialize the Authorizer. Invoked once at boot time.

Parameters:

authorizerConfig - config provided to the authenticator derived from the Metadata Service YAML config. This config comes from the "authorization.authorizers.config" configuration.

authorize

AuthorizationResult authorize(@Nonnull
 AuthorizationRequest request)

Authorizes an action based on the actor, the resource, and required privileges.

authorizedActors

AuthorizedActors authorizedActors(String privilege,
 Optional<EntitySpec> resourceSpec)

Retrieves the current list of actors authorized to for a particular privilege against an optional resource