bolster.security
Members list
Type members
Classlikes
Defines permission by name.
Defines permission by name.
Attributes
- Companion
- object
- Supertypes
-
class Objecttrait Matchableclass Any
Provides permission factory.
Provides permission factory.
Attributes
- Companion
- trait
- Supertypes
-
trait Sumtrait Mirrorclass Objecttrait Matchableclass Any
- Self type
-
Permission.type
Defines root context in which all permissions are granted.
Defines root context in which all permissions are granted.
Attributes
- See also
- Supertypes
- Self type
-
RootContext.type
Defines context in which permissions are granted.
Defines context in which permissions are granted.
A SecurityContext
establishes a pattern in which a restricted operation is performed only if required permissions are granted; otherwise, a SecurityViolation is raised.
The following demonstrates how read/write access to an in-memory cache could be implemented.
import bolster.security.{ Permission, SecurityContext, UserContext }
import scala.collection.concurrent.TrieMap
object SecureCache:
// Define permissions to read and write cache entries
private val getPermission = Permission("cache:get")
private val putPermission = Permission("cache:put")
private val cache = TrieMap[String, String](
"gang starr" -> "step in the arena",
"digable planets" -> "blowout comb"
)
def get(key: String)(using security: SecurityContext): String =
// Test for read permission before getting cache entry
security(getPermission) { cache(key) }
def put(key: String, value: String)(using security: SecurityContext): Unit =
// Test for write permission before putting cache entry
security(putPermission) { cache += key -> value }
// Set security context to include read permission
given SecurityContext = UserContext(Permission("cache:get"))
// Get cache entry
val classic = SecureCache.get("gang starr")
// Throw SecurityViolation because write permission is not granted
SecureCache.put("sucker mc", classic)
Attributes
- Supertypes
-
class Objecttrait Matchableclass Any
- Known subtypes
-
object RootContext.typetrait UserContext
Indicates security violation.
Indicates security violation.
Value parameters
- message
-
detail message
Attributes
- Constructor
-
Constructs
SecurityViolation
with supplied detail message. - Supertypes
-
trait Producttrait Equalsclass RuntimeExceptionclass Exceptionclass Throwabletrait Serializableclass Objecttrait Matchableclass AnyShow all
Defines user context in which a set of permissions is granted.
Defines user context in which a set of permissions is granted.
Attributes
- See also
- Companion
- object
- Supertypes
Provides user context factory.
Provides user context factory.
Attributes
- Companion
- trait
- Supertypes
-
trait Sumtrait Mirrorclass Objecttrait Matchableclass Any
- Self type
-
UserContext.type