Package com.netscape.certsrv.evaluators
Class AccessEvaluator
java.lang.Object
com.netscape.certsrv.evaluators.AccessEvaluator
- Direct Known Subclasses:
GroupAccessEvaluator
,IPAddressAccessEvaluator
,UserAccessEvaluator
,UserOrigReqAccessEvaluator
A class represents an evaluator. An evaluator is used to
evaluate an expression. For example, one can write an evaluator to
evaluate if a user belongs to a certain group. An evaluator is
generally used for access control expression evaluation, however, it
can be used for other evaluation-related operations.
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionabstract boolean
Evaluates if the given value satisfies the access control in current context.abstract boolean
Evaluates if the given value satisfies the access control in authToken obtained from Authentication.Gets the description of the evaluatorabstract String[]
Get the supported operators for this evaluatorgetType()
Gets the type of the evaluator.abstract void
init()
Initialize the evaluatorvoid
setCMSEngine
(CMSEngine engine)
-
Field Details
-
engine
-
type
-
description
-
-
Constructor Details
-
AccessEvaluator
public AccessEvaluator()
-
-
Method Details
-
getCMSEngine
-
setCMSEngine
-
init
public abstract void init()Initialize the evaluator -
getType
Gets the type of the evaluator. Type is defined by each evaluator plugin. Each evaluator plugin should have a unique type.- Returns:
- type of the evaluator
-
getDescription
Gets the description of the evaluator- Returns:
- a text description for this evaluator
-
evaluate
Evaluates if the given value satisfies the access control in current context.- Parameters:
type
- Type of the evaluator, eg, user, group etcop
- Operator of the evaluator, eg, =, !=value
- Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.- Returns:
- true if the evaluation expression is matched; false otherwise.
-
evaluate
Evaluates if the given value satisfies the access control in authToken obtained from Authentication.- Parameters:
authToken
- Authentication tokentype
- Type of the evaluator, eg, user, group etcop
- Operator of the evaluator, eg, =, !=value
- Part of the expression that can be used to evaluate, e.g, value can be the name of the group if the purpose of the evaluator is to evaluate if the user is a member of the group.- Returns:
- true if the evaluation expression is matched; false otherwise.
-
getSupportedOperators
Get the supported operators for this evaluator- Returns:
- Supported operators in string array
-