forked from cerbos/cerbos-sdk-java
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCheckResourcesRequestBuilder.java
More file actions
96 lines (86 loc) · 3.35 KB
/
CheckResourcesRequestBuilder.java
File metadata and controls
96 lines (86 loc) · 3.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
/*
* Copyright 2021-2025 Zenauth Ltd.
* SPDX-License-Identifier: Apache-2.0
*/
package dev.cerbos.sdk;
import com.google.protobuf.Value;
import dev.cerbos.api.v1.audit.Audit;
import dev.cerbos.api.v1.engine.Engine;
import dev.cerbos.api.v1.request.Request;
import dev.cerbos.api.v1.response.Response;
import dev.cerbos.api.v1.svc.CerbosServiceGrpc;
import dev.cerbos.sdk.builders.Resource;
import dev.cerbos.sdk.builders.ResourceAction;
import io.grpc.StatusRuntimeException;
import java.util.Arrays;
import java.util.Map;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Collectors;
public class CheckResourcesRequestBuilder {
private final Supplier<CerbosServiceGrpc.CerbosServiceBlockingStub> clientStub;
private final Request.CheckResourcesRequest.Builder requestBuilder;
CheckResourcesRequestBuilder(
Supplier<CerbosServiceGrpc.CerbosServiceBlockingStub> clientStub,
Request.AuxData auxData,
Optional<Map<String, Value>> requestAnnotations,
Engine.Principal principal) {
this.clientStub = clientStub;
this.requestBuilder =
Request.CheckResourcesRequest.newBuilder()
.setRequestId(RequestId.generate())
.setPrincipal(principal)
.setAuxData(auxData);
requestAnnotations.map(a -> this.requestBuilder.setRequestContext(Audit.RequestContext.newBuilder().putAllAnnotations(a).build()));
}
/**
* Add a resource and a set of actions to check against that resource.
*
* @param resource Resource to check
* @param actions Actions to check
* @return {@link CheckResourcesRequestBuilder}
*/
public CheckResourcesRequestBuilder addResourceAndActions(Resource resource, String... actions) {
this.requestBuilder.addResources(
Request.CheckResourcesRequest.ResourceEntry.newBuilder()
.setResource(resource.toResource())
.addAllActions(Arrays.asList(actions))
.build());
return this;
}
/**
* Add a set of resource and action pairs.
*
* @param resources Resource and actions to check
* @return {@link CheckResourcesRequestBuilder}
*/
public CheckResourcesRequestBuilder addResources(ResourceAction... resources) {
this.requestBuilder.addAllResources(
Arrays.stream(resources).map(ResourceAction::toResourceEntry).collect(Collectors.toList()));
return this;
}
/**
* Set the includeMeta field in the request.
*
* @return {@link CheckResourcesRequestBuilder}
*/
public CheckResourcesRequestBuilder withIncludeMeta() {
this.requestBuilder.setIncludeMeta(true);
return this;
}
/**
* Perform the check using the accumulated list of resources and actions.
*
* @return {@link CheckResourcesResult}
* @throws CerbosException if a network exception is caught.
*/
public CheckResourcesResult check() {
try {
Response.CheckResourcesResponse resp =
clientStub.get().checkResources(requestBuilder.build());
return new CheckResourcesResult(resp);
} catch (StatusRuntimeException sre) {
throw new CerbosException(sre.getStatus(), sre.getCause());
}
}
}