SecurityContext
Defines context in which permissions are granted.
A SecurityContext
establishes a pattern in which a restricted operation is performed only if required permissions are granted; otherwise, a SecurityViolation is raised.
The following demonstrates how read/write access to an in-memory cache could be implemented.
import bolster.security.{ Permission, SecurityContext, UserContext }
import scala.collection.concurrent.TrieMap
object SecureCache:
// Define permissions to read and write cache entries
private val getPermission = Permission("cache:get")
private val putPermission = Permission("cache:put")
private val cache = TrieMap[String, String](
"gang starr" -> "step in the arena",
"digable planets" -> "blowout comb"
)
def get(key: String)(using security: SecurityContext): String =
// Test for read permission before getting cache entry
security(getPermission) { cache(key) }
def put(key: String, value: String)(using security: SecurityContext): Unit =
// Test for write permission before putting cache entry
security(putPermission) { cache += key -> value }
// Set security context to include read permission
given SecurityContext = UserContext(Permission("cache:get"))
// Get cache entry
val classic = SecureCache.get("gang starr")
// Throw SecurityViolation because write permission is not granted
SecureCache.put("sucker mc", classic)
Attributes
- Graph
-
- Supertypes
-
class Objecttrait Matchableclass Any
- Known subtypes
-
object RootContext.typetrait UserContext
Members list
Value members
Abstract methods
Tests permissions before applying operation.
Tests permissions before applying operation.
If all supplied permissions are granted, the operation is applied; otherwise, SecurityViolation is thrown.
Value parameters
- op
-
operation
- perms
-
permissions
Attributes
- Returns
-
operation value
- Throws
-
SecurityViolation
if all permissions are not granted
- Note
-
Operation is authorized if
perms
is empty.
Tests permissions before applying operation.
Tests permissions before applying operation.
If all supplied permissions are granted, the operation is applied; otherwise, SecurityViolation is thrown.
Value parameters
- more
-
additional permissions
- one
-
permission
- op
-
operation
Attributes
- Returns
-
operation value
- Throws
-
SecurityViolation
if all permissions are not granted
- Note
-
Operation is authorized if
perms
is empty.
Tests permissions before applying operation.
Tests permissions before applying operation.
If any of supplied permissions is granted, the operation is applied; otherwise, SecurityViolation is thrown.
Value parameters
- op
-
operation
- perms
-
permissions
Attributes
- Returns
-
operation value
- Throws
-
SecurityViolation
if no permission is granted
- Note
-
Operation is authorized if
perms
is empty.
Tests permissions before applying operation.
Tests permissions before applying operation.
If any of supplied permissions is granted, the operation is applied; otherwise, SecurityViolation is thrown.
Value parameters
- more
-
additional permissions
- one
-
permission
- op
-
operation
Attributes
- Returns
-
operation value
- Throws
-
SecurityViolation
if no permission is granted
- Note
-
Operation is authorized if
perms
is empty.
Tests permission before applying operation.
Tests permission before applying operation.
If supplied permission is granted, the operation is applied; otherwise, SecurityViolation is thrown.
Value parameters
- op
-
operation
- perm
-
permission
Attributes
- Returns
-
operation value
- Throws
-
SecurityViolation
if permission is not granted
Tests whether supplied permission is granted.
Tests whether supplied permission is granted.
Value parameters
- perm
-
permission
Attributes
- Returns
-
true
if permission is granted; otherwise,false
Tests whether all supplied permissions are granted.
Tests whether all supplied permissions are granted.
Value parameters
- perms
-
permissions
Attributes
- Returns
-
true
if all permissions are granted; otherwise,false
- Note
-
Test succeeds if
perms
is empty.
Tests whether all supplied permissions are granted.
Tests whether all supplied permissions are granted.
Value parameters
- more
-
additional permissions
- one
-
permission
Attributes
- Returns
-
true
if all permissions are granted; otherwise,false
- Note
-
Test succeeds if
perms
is empty.
Tests whether any of supplied permissions is granted.
Tests whether any of supplied permissions is granted.
Value parameters
- perms
-
permissions
Attributes
- Returns
-
true
if any permission is granted; otherwise,false
- Note
-
Test succeeds if
perms
is empty.
Tests whether any of supplied permissions is granted.
Tests whether any of supplied permissions is granted.
Value parameters
- more
-
additional permissions
- one
-
permission
Attributes
- Returns
-
true
if any permission is granted; otherwise,false
- Note
-
Test succeeds if
perms
is empty.