Class ResourcePolicy

java.lang.Object
io.jmix.security.model.ResourcePolicy
All Implemented Interfaces:
Serializable

public class ResourcePolicy extends Object implements Serializable
Describes a permission to a resource.

A resource may be a screen, entity CRUD operation, entity attribute operation, etc.

For example, a policy that allows UPDATE operation on the sample_Order entity will look as follows:

  • type = "entity"
  • resource = "sample_Order"
  • action = "update"
  • effect = "allow"
See Also:
  • Field Details

  • Constructor Details

  • Method Details

    • builder

      public static ResourcePolicy.Builder builder(String type, String resource)
    • getType

      public String getType()
      Returns policy type. Standard policies type are:
      • menu
      • screen
      • entity
      • entityAttribute
      • specific

      They are listed in the ResourcePolicyType

      Returns:
      policy type
    • getResource

      public String getResource()
      Returns a resource description. For screen policies it a screen id, for entity - entity name, for entity attributes it is a string that contains an entity name and an attribute name separated by a dot.
      Returns:
      resource
    • getAction

      public String getAction()
      Returns policy action. The action is an operation that policy allows or denies.
      Returns:
      policy action
    • getEffect

      public String getEffect()
      Returns policy effect. Usually it is "allow" or "deny". The constant values are in the ResourcePolicyEffect class
      Returns:
      policy effect
    • getPolicyGroup

      public String getPolicyGroup()
      Returns policy group. For annotated roles policy group is typically a name of the method in the role interface
      Returns:
      policy group
    • getCustomProperties

      public Map<String,String> getCustomProperties()