Class SecurityContext

  • All Implemented Interfaces:
    java.io.Serializable

    public class SecurityContext
    extends java.lang.Object
    implements java.io.Serializable
    Encapsulates contextual security information about the current user of the tag system
    See Also:
    Serialized Form
    • Field Detail

      • THREAD_LOCAL

        public static final java.lang.ThreadLocal<SecurityContext> THREAD_LOCAL
    • Method Detail

      • getRoles

        public com.google.common.collect.ImmutableCollection<java.lang.String> getRoles()
        Returns:
        the user's roles in this context
      • getSecurityZones

        public com.google.common.collect.ImmutableCollection<java.lang.String> getSecurityZones()
        Returns:
        the user's security zones in this context
      • getSecurityLevels

        public com.google.common.collect.ImmutableCollection<SecurityLevelConfig> getSecurityLevels()
        Returns:
        the user's security levels in this context
      • isSystem

        public boolean isSystem()
        Returns:
        If true, this indicates to the tag system that a tag write is originating from the gateway, and there is no relevant user info. Examples include gateway tag event scripts and tag writes from SFCs.
      • fromSecurityLevels

        public static SecurityContext fromSecurityLevels​(com.google.common.collect.ImmutableCollection<SecurityLevelConfig> securityLevels)
        Create a SecurityContext from the given ImmutableCollection of SecurityLevelConfigs representing the children of the root public security level
        Parameters:
        securityLevels - the security level tree node children of the root public security level
        Returns:
        a new SecurityContext containing the given security level tree nodes
      • fromRolesAndZones

        public static SecurityContext fromRolesAndZones​(com.google.common.collect.ImmutableCollection<java.lang.String> roles,
                                                        com.google.common.collect.ImmutableCollection<java.lang.String> zones)
        Create a SecurityContext from the given ImmutableCollections of roles and zones.
        Parameters:
        roles - the roles assigned to the current users
        zones - the security zones assigned to the current user
        Returns:
        a new SecurityContext containing the given roles and zones
      • emptyContext

        public static SecurityContext emptyContext()
        Returns:
        A SecurityContext without any security level, roles or zones set. Use when no authenticated user is present.
      • systemContext

        public static SecurityContext systemContext()
        Returns:
        A SecurityContext without any security level, roles or zones set, but the isSystem flag is set to true. This indicates to the tag system that a tag write is originating from the gateway, and there is no relevant user info. Examples include gateway tag event scripts and tag writes from SFCs.