forked from infinispan/infinispan
-
Notifications
You must be signed in to change notification settings - Fork 2
/
AuthorizationPermission.java
93 lines (85 loc) · 2.06 KB
/
AuthorizationPermission.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package org.infinispan.security;
import org.infinispan.Cache;
/**
* AuthorizationPermission.
*
* @author Tristan Tarrant
* @since 7.0
*/
public enum AuthorizationPermission {
/**
* Allows control of a cache's lifecycle (i.e. invoke {@link Cache#start()} and
* {@link Cache#stop()}
*/
LIFECYCLE(1 << 0),
/**
* Allows reading data from a cache
*/
READ(1 << 1),
/**
* Allows writing data to a cache
*/
WRITE(1 << 2),
/**
* Allows performing task execution (e.g. cluster executor, tasks) on a cache
*/
EXEC(1 << 3),
/**
* Allows attaching listeners to a cache
*/
LISTEN(1 << 4),
/**
* Allows bulk-read operations (e.g. {@link Cache#keySet()}) on a cache
*/
BULK_READ(1 << 5),
/**
* Allows bulk-write operations (e.g. {@link Cache#clear()}) on a cache
*/
BULK_WRITE(1 << 6),
/**
* Allows performing "administrative" operations on a cache
*/
ADMIN(1 << 7),
/**
* Allows creation of resources (caches, counters, schemas, tasks)
*/
CREATE(1 << 8),
/**
* Allows retrieval of stats
*/
MONITOR(1 << 9),
/**
* Aggregate permission which implies all of the others
*/
ALL(Integer.MAX_VALUE),
/**
* Aggregate permission which implies all read permissions
*/
ALL_READ(READ.getMask() + BULK_READ.getMask()),
/**
* Aggregate permission which implies all write permissions
*/
ALL_WRITE(WRITE.getMask() + BULK_WRITE.getMask()),
/**
* No permissions
*/
NONE(0);
private final int mask;
private final CachePermission securityPermission;
AuthorizationPermission(int mask) {
this.mask = mask;
securityPermission = new CachePermission(this);
}
public int getMask() {
return mask;
}
public CachePermission getSecurityPermission() {
return securityPermission;
}
public boolean matches(int mask) {
return ((this.mask & mask) == this.mask);
}
public boolean implies(AuthorizationPermission that) {
return ((this.mask & that.mask) == that.mask);
}
}