Package dev.galasa.framework.api.common
Class ProtectedRoute
java.lang.Object
dev.galasa.framework.api.common.BaseRoute
dev.galasa.framework.api.common.ProtectedRoute
- All Implemented Interfaces:
IRoute
This is an abstract class that represents a route protected under a JWT challenge and RBAC.
Requests to protected routes will always contain an 'Authorization' header with a bearer token.
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionProtectedRoute(ResponseBuilder responseBuilder, String path, RBACService rbacService) -
Method Summary
Modifier and TypeMethodDescriptionbooleanisActionPermitted(BuiltInAction action, String loginId) Checks if the given action is permitted for the user that sent the given requestprotected voidvalidateActionPermitted(BuiltInAction action, String loginId) Methods inherited from class dev.galasa.framework.api.common.BaseRoute
checkJsonElementIsValidJSON, checkRequestHasContent, getPathRegex, getResponseBuilder, getResponseType, getSupportedQueryParameterNames, handleDeleteRequest, handleGetRequest, handlePostRequest, handlePutRequest, parseRequestBody, validateAcceptHeader
-
Field Details
-
rbacService
-
rbacValidator
-
-
Constructor Details
-
ProtectedRoute
-
-
Method Details
-
validateActionPermitted
protected void validateActionPermitted(BuiltInAction action, String loginId) throws InternalServletException - Throws:
InternalServletException
-
isActionPermitted
public boolean isActionPermitted(BuiltInAction action, String loginId) throws InternalServletException Description copied from interface:IRouteChecks if the given action is permitted for the user that sent the given request- Parameters:
action- the action being performedloginId- the login ID of the user sending a request to this route- Returns:
- true if the user is allowed to perform the given action, false otherwise
- Throws:
InternalServletException- if there was an issue accessing the RBAC service
-