AuthorizationRule

An AuthorizationRule is a model representing a single rule granting access on a named resource to a particular user and/or a particular role or rejecting access on that resource from a user or role. It is an essential part of authorization management.

Properties

selector

This mandatory string property selects a resource (see the example) by its name.

user

This optional UUID selects a single user which is granted access to selected resource.

WARNING

A rule must select at least a user or a role. It may select both. Names are not supported here. This includes special name * for matching any user.

role

This optional UUID selects a single role which is granted access to selected resource.

WARNING

A rule must select at least a user or a role. It may select both. Names are not supported here. This includes special name * for matching any role.

accept

This boolean property indicates, whether rule is granting access to selected resource (true) or revoking it (false). The default value is true.

Methods

AuthenticationRules do not have custom methods apart from basic ones.

AuthorizationRule ​

Properties ​

selector ​

user ​

role ​

accept ​