Package io.micronaut.security.rules
Class SensitiveEndpointRule
- java.lang.Object
-
- io.micronaut.security.rules.SensitiveEndpointRule
-
- All Implemented Interfaces:
io.micronaut.core.order.Ordered
,SecurityRule
@Singleton public class SensitiveEndpointRule extends java.lang.Object implements SecurityRule
Finds any sensitive endpoints and processes requests that match their id. The user must be authenticated to execute sensitive requests.- Since:
- 1.0
- Author:
- Sergio del Amo, James Kleeh
-
-
Field Summary
Fields Modifier and Type Field Description protected java.util.Map<io.micronaut.inject.ExecutableMethod,java.lang.Boolean>
endpointMethods
A map where the key represents the method of an endpoint and the value represents the endpoints sensitivity.static java.lang.Integer
ORDER
The order of the rule.-
Fields inherited from interface io.micronaut.core.order.Ordered
HIGHEST_PRECEDENCE, LOWEST_PRECEDENCE
-
Fields inherited from interface io.micronaut.security.rules.SecurityRule
DENY_ALL, IS_ANONYMOUS, IS_AUTHENTICATED
-
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecurityRuleResult
check(io.micronaut.http.HttpRequest request, io.micronaut.web.router.RouteMatch routeMatch, java.util.Map<java.lang.String,java.lang.Object> claims)
Returns a security result based on any conditions.int
getOrder()
-
-
-
Field Detail
-
ORDER
public static final java.lang.Integer ORDER
The order of the rule.
-
endpointMethods
protected final java.util.Map<io.micronaut.inject.ExecutableMethod,java.lang.Boolean> endpointMethods
A map where the key represents the method of an endpoint and the value represents the endpoints sensitivity.
-
-
Method Detail
-
check
public SecurityRuleResult check(io.micronaut.http.HttpRequest request, @Nullable io.micronaut.web.router.RouteMatch routeMatch, @Nullable java.util.Map<java.lang.String,java.lang.Object> claims)
Description copied from interface:SecurityRule
Returns a security result based on any conditions.- Specified by:
check
in interfaceSecurityRule
- Parameters:
request
- The current requestrouteMatch
- The matched route or empty if no route was matched. e.g. static resource.claims
- The claims from the token. Null if not authenticated- Returns:
- The result
- See Also:
SecurityRuleResult
-
getOrder
public int getOrder()
- Specified by:
getOrder
in interfaceio.micronaut.core.order.Ordered
-
-