Interface RBAC
-
- All Implemented Interfaces:
public interface RBACThe RBAC interface provides methods for checking a user's permissions according to the roles defined in the Stytch Dashboard
-
-
Method Summary
Modifier and Type Method Description abstract BooleanisAuthorizedSync(String resourceId, String action)Determines whether the logged-in member is allowed to perform the specified action on the specified resource. abstract BooleanisAuthorized(String resourceId, String action)Determines whether the logged-in member is allowed to perform the specified action on the specified resource. abstract UnitisAuthorized(String resourceId, String action, Function1<Boolean, Unit> callback)Determines whether the logged-in member is allowed to perform the specified action on the specified resource. abstract CompletableFuture<Boolean>isAuthorizedCompletable(String resourceId, String action)Determines whether the logged-in member is allowed to perform the specified action on the specified resource. abstract Map<String, Map<String, Boolean>>allPermissions()Evaluates all permissions granted to the logged-in member. abstract UnitallPermissions(Function1<Map<String, Map<String, Boolean>>, Unit> callback)Evaluates all permissions granted to the logged-in member. abstract CompletableFuture<Map<String, Map<String, Boolean>>>allPermissionsCompletable()Evaluates all permissions granted to the logged-in member. -
-
Method Detail
-
isAuthorizedSync
abstract Boolean isAuthorizedSync(String resourceId, String action)
Determines whether the logged-in member is allowed to perform the specified action on the specified resource. Returns
trueif the member can perform the action,falseotherwise.This method uses a locally-cached instance of the member and the configured RBAC policy. If the member is not logged in, or the RBAC policy has not been loaded, this method will always return false. If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
To check authorization using guaranteed-fresh data, use {@link isAuthorized}. Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
isAuthorized
abstract Boolean isAuthorized(String resourceId, String action)
Determines whether the logged-in member is allowed to perform the specified action on the specified resource. Returns
trueif the member can perform the action,falseotherwise.If the member is not logged in, this method will always return false. If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
To check authorization using cached data, use {@link isAuthorizedSync}. Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
isAuthorized
abstract Unit isAuthorized(String resourceId, String action, Function1<Boolean, Unit> callback)
Determines whether the logged-in member is allowed to perform the specified action on the specified resource. Returns
trueif the member can perform the action,falseotherwise.If the member is not logged in, this method will always return false. If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
To check authorization using cached data, use {@link isAuthorizedSync}. Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
isAuthorizedCompletable
abstract CompletableFuture<Boolean> isAuthorizedCompletable(String resourceId, String action)
Determines whether the logged-in member is allowed to perform the specified action on the specified resource. Returns
trueif the member can perform the action,falseotherwise.If the member is not logged in, this method will always return false. If the resource or action provided are not valid for the configured RBAC policy, this method will return false.
To check authorization using cached data, use {@link isAuthorizedSync}. Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
allPermissions
abstract Map<String, Map<String, Boolean>> allPermissions()
Evaluates all permissions granted to the logged-in member. Returns a Map<RoleId, Map<Action, Boolean>> response indicating the member's permissions. Each boolean will be
trueif the member can perform the action,falseotherwise.If the member is not logged in, all values will be false.
Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
allPermissions
abstract Unit allPermissions(Function1<Map<String, Map<String, Boolean>>, Unit> callback)
Evaluates all permissions granted to the logged-in member. Returns a Map<RoleId, Map<Action, Boolean>> response indicating the member's permissions. Each boolean will be
trueif the member can perform the action,falseotherwise.If the member is not logged in, all values will be false.
Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
allPermissionsCompletable
abstract CompletableFuture<Map<String, Map<String, Boolean>>> allPermissionsCompletable()
Evaluates all permissions granted to the logged-in member. Returns a Map<RoleId, Map<Action, Boolean>> response indicating the member's permissions. Each boolean will be
trueif the member can perform the action,falseotherwise.If the member is not logged in, all values will be false.
Remember - authorization checks for sensitive actions should always occur on the backend as well.
-
-
-
-