diff --git a/.gitignore b/.gitignore
index b210962..ddcd232 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,4 @@ hs_err_pid*
# IDE specific
.idea/
+.factorypath
diff --git a/examples/authz-example/pom.xml b/examples/authz-example/pom.xml
index 5a6956e..07da956 100644
--- a/examples/authz-example/pom.xml
+++ b/examples/authz-example/pom.xml
@@ -18,7 +18,7 @@
com.aserto
aserto-java
- 0.31.1
+ 0.31.4
@@ -51,4 +51,4 @@
-
\ No newline at end of file
+
diff --git a/examples/directory-example/pom.xml b/examples/directory-example/pom.xml
index 1989944..9eae05c 100644
--- a/examples/directory-example/pom.xml
+++ b/examples/directory-example/pom.xml
@@ -18,7 +18,7 @@
com.aserto
aserto-java
- 0.31.1
+ 0.31.4
@@ -51,4 +51,4 @@
-
\ No newline at end of file
+
diff --git a/pom.xml b/pom.xml
index 01749a2..d21ce8c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
com.aserto
aserto-java
- 0.31.3
+ 0.31.4
${project.groupId}:${project.artifactId}
Java SDK to interact with aserto services
@@ -50,12 +50,12 @@
com.aserto
java-authorizer
- 0.20.13
+ 0.20.14
com.aserto
java-directory
- 0.31.4
+ 0.31.5
diff --git a/src/main/java/com/aserto/AuthorizerClient.java b/src/main/java/com/aserto/AuthorizerClient.java
index 9d9a477..4fc911b 100644
--- a/src/main/java/com/aserto/AuthorizerClient.java
+++ b/src/main/java/com/aserto/AuthorizerClient.java
@@ -12,10 +12,18 @@
public interface AuthorizerClient {
public List listPolicies(String policyName, String policyLabel);
+
public Module getPolicy(String policyId);
+
public List is(IdentityCtx identityCtx, PolicyCtx policyCtx);
+
public List is(IdentityCtx identityCtx, PolicyCtx policyCtx, Map resourceCtx);
- public Struct query(String query, PolicyCtx policyContext, Map values);
+
+ public Struct query(String query, PolicyCtx policyContext, Map resourceCtx);
+
+ public Struct query(String query, IdentityCtx identityCtx, PolicyCtx policyContext, Map resourceCtx);
+
public Map decisionTree(IdentityCtx identityCtx, PolicyCtx policyCtx);
+
public void close();
}
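Review bot: The new four-argument `query` is declared as an abstract method on the public `AuthorizerClient` interface, so any implementation outside this repository stops compiling on upgrade, while pom.xml in this same commit labels the release a patch bump (0.31.3 to 0.31.4). If that is intended it should be called out in the release notes. Neither overload has Javadoc saying under which identity the query is evaluated, which matters for an authorization API. On the three-argument form, something like `/** Evaluates the query with no identity attached; use the IdentityCtx overload to evaluate it for a specific caller. */` would match what `AuthzClient` does in this commit.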
diff --git a/src/main/java/com/aserto/authorizer/AuthzClient.java b/src/main/java/com/aserto/authorizer/AuthzClient.java
index dcc3b34..c030ee6 100644
--- a/src/main/java/com/aserto/authorizer/AuthzClient.java
+++ b/src/main/java/com/aserto/authorizer/AuthzClient.java
@@ -19,6 +19,7 @@
import com.aserto.authorizer.v2.QueryRequest;
import com.aserto.authorizer.v2.QueryResponse;
import com.aserto.authorizer.v2.api.IdentityContext;
+import com.aserto.authorizer.v2.api.IdentityType;
import com.aserto.authorizer.v2.api.Module;
import com.aserto.authorizer.v2.api.PolicyContext;
import com.aserto.authorizer.v2.api.PolicyInstance;
@@ -32,6 +33,7 @@
public class AuthzClient implements AuthorizerClient {
private final AuthorizerGrpc.AuthorizerBlockingStub client;
private final ManagedChannel channel;
+
public AuthzClient(ManagedChannel channel) {
client = AuthorizerGrpc.newBlockingStub(channel);
this.channel = channel;
@@ -84,21 +86,29 @@ public List is(IdentityCtx identityCtx, PolicyCtx policyCtx, Map values) {
+ public Struct query(String query, IdentityCtx identityCtx, PolicyCtx policyContext,
+ Map resourceCtx) {
QueryRequest.Builder queryRequestBuilder = QueryRequest.newBuilder();
queryRequestBuilder.setQuery(query);
+ IdentityContext identityContext = buildIdentityContext(identityCtx);
PolicyInstance policy = buildPolicy(policyContext.getName());
- Struct.Builder structBuilder = buildResourceContext(values);
+ Struct.Builder resourceContext = buildResourceContext(resourceCtx);
+ queryRequestBuilder.setIdentityContext(identityContext);
queryRequestBuilder.setPolicyInstance(policy);
- queryRequestBuilder.setResourceContext(structBuilder);
+ queryRequestBuilder.setResourceContext(resourceContext);
QueryResponse queryResponse = client.query(queryRequestBuilder.build());
return queryResponse.getResponse();
}
+ @Override
+ public Struct query(String query, PolicyCtx policyContext, Map resourceCtx) {
+ return query(query, new IdentityCtx("", IdentityType.IDENTITY_TYPE_NONE), policyContext, resourceCtx);
+ }
+
@Override
public Map decisionTree(IdentityCtx identityCtx, PolicyCtx policyCtx) {
DecisionTreeRequest.Builder decisionTreeBuilder = DecisionTreeRequest.newBuilder();
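Review bot: The new four-argument `query` dereferences `identityCtx` (inside `buildIdentityContext`, which calls `identityContext.getIdentity()`) and `policyContext` (`policyContext.getName()`) with no null check, so a null argument surfaces as a bare NullPointerException from inside request building. A guard at the top such as `Objects.requireNonNull(identityCtx, "identityCtx");` would fail with a clear message; it needs `java.util.Objects`, and the file's import block is outside this hunk. Separately, the three-argument overload now always sends an identity context of `""` / `IDENTITY_TYPE_NONE`, where the old body set none at all. If `IDENTITY_TYPE_NONE` is not the enum's default value, this changes the request sent for existing callers, so a comment such as `// no identity: the query is evaluated anonymously` above the delegation would record the intent.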
@@ -129,7 +139,7 @@ private PolicyInstance buildPolicy(String name) {
}
private IdentityContext buildIdentityContext(IdentityCtx identityContext) {
- IdentityContext.Builder identityContextBuilder = IdentityContext.newBuilder();
+ IdentityContext.Builder identityContextBuilder = IdentityContext.newBuilder();
identityContextBuilder.setIdentity(identityContext.getIdentity());
identityContextBuilder.setType(identityContext.getIdentityType());
diff --git a/src/main/java/com/aserto/directory/v3/DirectoryClient.java b/src/main/java/com/aserto/directory/v3/DirectoryClient.java
index f3eef6c..d92786f 100644
--- a/src/main/java/com/aserto/directory/v3/DirectoryClient.java
+++ b/src/main/java/com/aserto/directory/v3/DirectoryClient.java
@@ -19,7 +19,6 @@
import com.google.protobuf.Struct;
import com.aserto.directory.common.v3.Object;
-
import com.google.protobuf.Timestamp;
import io.grpc.ManagedChannel;
import io.grpc.Status;
@@ -51,12 +50,11 @@ public class DirectoryClient implements DirectoryClientReader,
private ModelGrpc.ModelStub modelClientAsync;
public DirectoryClient(
- ManagedChannel readerChannel,
- ManagedChannel writerChannel,
- ManagedChannel importerChannel,
- ManagedChannel exporterChannel,
- ManagedChannel modelChannel
- ) {
+ ManagedChannel readerChannel,
+ ManagedChannel writerChannel,
+ ManagedChannel importerChannel,
+ ManagedChannel exporterChannel,
+ ManagedChannel modelChannel) {
if (readerChannel != null) {
readerClient = ReaderGrpc.newBlockingStub(readerChannel);
}
@@ -92,8 +90,10 @@ public DirectoryClient(ManagedChannel managedChannel) {
public GetObjectResponse getObject(String type, String id) throws UninitilizedClientException {
return getObject(type, id, false);
}
+
@Override
- public GetObjectResponse getObject(String type, String id, boolean withRelations) throws UninitilizedClientException {
+ public GetObjectResponse getObject(String type, String id, boolean withRelations)
+ throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -111,7 +111,8 @@ public GetObjectsResponse getObjects(String type) throws UninitilizedClientExcep
}
@Override
- public GetObjectsResponse getObjects(String type, int pageSize, String pageToken) throws UninitilizedClientException {
+ public GetObjectsResponse getObjects(String type, int pageSize, String pageToken)
+ throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -123,7 +124,8 @@ public GetObjectsResponse getObjects(String type, int pageSize, String pageToken
}
@Override
- public GetObjectManyResponse getObjectManyRequest(List objectIdentifiers) throws UninitilizedClientException {
+ public GetObjectManyResponse getObjectManyRequest(List objectIdentifiers)
+ throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -142,49 +144,45 @@ private PaginationRequest buildPaginationRequest(int pageSize, String pageToken)
@Override
public GetRelationResponse getRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId) throws UninitilizedClientException {
return getRelation(objectType, objectId, relationName, subjectType, subjectId, "", false);
}
@Override
public GetRelationResponse getRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- boolean withObjects
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ boolean withObjects) throws UninitilizedClientException {
return getRelation(objectType, objectId, relationName, subjectType, subjectId, "", withObjects);
}
@Override
public GetRelationResponse getRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- String subjectRelation
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ String subjectRelation) throws UninitilizedClientException {
return getRelation(objectType, objectId, relationName, subjectType, subjectId, subjectRelation, false);
}
@Override
public GetRelationResponse getRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- String subjectRelation,
- boolean withObjects
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ String subjectRelation,
+ boolean withObjects) throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -212,35 +210,36 @@ public GetRelationsResponse getRelations(GetRelationsRequest relationsRequest) t
/**
* Checks whether a subject has a given permission on an object.
*
- * @deprecated use @link {@link #check(String, String, String, String, String)} instead.
+ * @deprecated use @link {@link #check(String, String, String, String, String)}
+ * instead.
*/
@Deprecated
@Override
public CheckPermissionResponse checkPermission(
- String objectType,
- String objectId,
- String subjectType,
- String subjectId,
- String permissionName
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String subjectType,
+ String subjectId,
+ String permissionName) throws UninitilizedClientException {
return checkPermission(objectType, objectId, subjectType, subjectId, permissionName, false);
}
/**
* Checks whether a subject has a given permission on an object.
*
- * @deprecated use @link {@link #check(String, String, String, String, String, boolean)} instead.
+ * @deprecated use @link
+ * {@link #check(String, String, String, String, String, boolean)}
+ * instead.
*/
@Deprecated
@Override
public CheckPermissionResponse checkPermission(
- String objectType,
- String objectId,
- String subjectType,
- String subjectId,
- String permissionName,
- boolean trace
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String subjectType,
+ String subjectId,
+ String permissionName,
+ boolean trace) throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
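Review bot: The `@deprecated` text on `checkPermission` points to `check(String, String, String, String, String)` without saying that the argument order differs: `checkPermission` takes (objectType, objectId, subjectType, subjectId, permissionName), while `check`, shown further down in this file, takes (objectType, objectId, relationName, subjectType, subjectId). All five are `String`, so a caller who swaps the method name and keeps the arguments compiles cleanly and would then ask the directory about the wrong relation and subject. The Javadoc should spell out the mapping, for example `@deprecated use {@link #check(String, String, String, String, String)} instead; the relation/permission name moves to the third argument.` The literal `@link` before each `{@link ...}` is also stray and will render as text; the same wording is repeated on `checkRelation` in the next hunk.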
@@ -258,35 +257,36 @@ public CheckPermissionResponse checkPermission(
/**
* Checks whether a subject has a given relation to an object.
*
- * @deprecated use @link {@link #check(String, String, String, String, String)} instead.
+ * @deprecated use @link {@link #check(String, String, String, String, String)}
+ * instead.
*/
@Deprecated
@Override
public CheckRelationResponse checkRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId) throws UninitilizedClientException {
return checkRelation(objectType, objectId, relationName, subjectType, subjectId, false);
}
/**
* Checks whether a subject has a given relation to an object.
*
- * @deprecated use @link {@link #check(String, String, String, String, String, boolean)} instead.
+ * @deprecated use @link
+ * {@link #check(String, String, String, String, String, boolean)}
+ * instead.
*/
@Deprecated
@Override
public CheckRelationResponse checkRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- boolean trace
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ boolean trace) throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -303,24 +303,22 @@ public CheckRelationResponse checkRelation(
@Override
public CheckResponse check(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId) throws UninitilizedClientException {
return check(objectType, objectId, relationName, subjectType, subjectId, false);
}
@Override
public CheckResponse check(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- boolean trace
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ boolean trace) throws UninitilizedClientException {
if (readerClient == null) {
throw new UninitilizedClientException("Reader client is not initialized");
}
@@ -347,12 +345,11 @@ public SetObjectResponse setObject(String type, String id) throws UninitilizedCl
@Override
public SetObjectResponse setObject(
- String type,
- String id,
- String displayName,
- Struct properties,
- String hash
- ) throws UninitilizedClientException {
+ String type,
+ String id,
+ String displayName,
+ Struct properties,
+ String hash) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -368,8 +365,8 @@ public SetObjectResponse setObject(
.setDisplayName(displayName)
.setProperties(properties)
.setCreatedAt(timestamp)
- .build()
- ).build();
+ .build())
+ .build();
return writerClient.setObject(objRequest);
}
@@ -380,7 +377,8 @@ public DeleteObjectResponse deleteObject(String type, String id) throws Uninitil
}
@Override
- public DeleteObjectResponse deleteObject(String type, String id, boolean withRelations) throws UninitilizedClientException {
+ public DeleteObjectResponse deleteObject(String type, String id, boolean withRelations)
+ throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -394,12 +392,11 @@ public DeleteObjectResponse deleteObject(String type, String id, boolean withRel
@Override
public SetRelationResponse setRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -417,13 +414,12 @@ public SetRelationResponse setRelation(
@Override
public SetRelationResponse setRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- String subjectRelation
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ String subjectRelation) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -442,14 +438,13 @@ public SetRelationResponse setRelation(
@Override
public SetRelationResponse setRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- String subjectRelation,
- String hash
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ String subjectRelation,
+ String hash) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -469,12 +464,11 @@ public SetRelationResponse setRelation(
@Override
public DeleteRelationResponse deleteRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -490,13 +484,12 @@ public DeleteRelationResponse deleteRelation(
@Override
public DeleteRelationResponse deleteRelation(
- String objectType,
- String objectId,
- String relationName,
- String subjectType,
- String subjectId,
- String subjectRelation
- ) throws UninitilizedClientException {
+ String objectType,
+ String objectId,
+ String relationName,
+ String subjectType,
+ String subjectId,
+ String subjectRelation) throws UninitilizedClientException {
if (writerClient == null) {
throw new UninitilizedClientException("Writer client is not initialized");
}
@@ -518,12 +511,11 @@ public GetManifestResponse getManifest() throws UninitilizedClientException {
}
GetManifestRequest manifestRequest = GetManifestRequest.newBuilder().build();
- Iterator manifestResponses = modelClient.getManifest(manifestRequest);
-
- Metadata.Builder metadataBuilder = Metadata.newBuilder();
+ Iterator manifestResponses = modelClient.getManifest(manifestRequest);
+ Metadata.Builder metadataBuilder = Metadata.newBuilder();
- ByteArrayOutputStream outputStream = new ByteArrayOutputStream( );
+ ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
manifestResponses.forEachRemaining(manifestResponse -> {
if (!manifestResponse.getMetadata().getAllFields().isEmpty()) {
manifestResponse.getMetadata().getAllFields().forEach(metadataBuilder::setField);
@@ -531,7 +523,8 @@ public GetManifestResponse getManifest() throws UninitilizedClientException {
try {
outputStream.write(manifestResponse.getBody().getData().toByteArray());
} catch (IOException e) {
- logger.error("Could not write to stream the fallowing message: {}", manifestResponse.getBody().getData().toByteArray());
+ logger.error("Could not write to stream the fallowing message: {}",
+ manifestResponse.getBody().getData().toByteArray());
}
}
});
@@ -587,7 +580,6 @@ public void onCompleted() {
}
}
-
@Override
public DeleteManifestResponse deleteManifest() throws UninitilizedClientException {
if (modelClient == null) {
@@ -597,13 +589,16 @@ public DeleteManifestResponse deleteManifest() throws UninitilizedClientExceptio
return modelClient.deleteManifest(DeleteManifestRequest.newBuilder().build());
}
+ @Deprecated
@Override
- public void importData(Stream importStream) throws InterruptedException, UninitilizedClientException {
+ public void importData(Stream importStream)
+ throws InterruptedException, UninitilizedClientException {
importData(importStream, new NullImportHandler());
}
@Override
- public Status importData(Stream importStream, ImportHandler handler) throws InterruptedException, UninitilizedClientException {
+ public Status importData(Stream importStream, ImportHandler handler)
+ throws InterruptedException, UninitilizedClientException {
if (importerClient == null) {
throw new UninitilizedClientException("Import client is not initialized");
}
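Review bot: `@Deprecated` is added to the one-argument `importData` without a Javadoc `@deprecated` tag naming the replacement, unlike the other deprecated methods in this file. This overload also drops the `Status` that the two-argument form returns, so import failures are invisible to the caller; that is presumably the reason for the deprecation and worth stating. Suggested comment: `/** @deprecated use {@link #importData(Stream, ImportHandler)} instead; this overload discards the resulting Status. */`. The body of the two-argument `importData` continues past the end of this hunk.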
@@ -612,14 +607,15 @@ public Status importData(Stream importStream, ImportHandler handl
StreamObserver requests = importerClient.import_(responses);
importStream.takeWhile(
- t -> responses.getStatus().isOk()
- ).forEach(importElement -> {
- if (importElement.getObject() != null) {
- requests.onNext(ImportRequest.newBuilder().setOpCode(importElement.getOpcode()).setObject(importElement.getObject()).build());
- } else if (importElement.getRelation() != null) {
- requests.onNext(ImportRequest.newBuilder().setOpCode(importElement.getOpcode()).setRelation(importElement.getRelation()).build());
- }
- });
+ t -> responses.getStatus().isOk()).forEach(importElement -> {
+ if (importElement.getObject() != null) {
+ requests.onNext(ImportRequest.newBuilder().setOpCode(importElement.getOpcode())
+ .setObject(importElement.getObject()).build());
+ } else if (importElement.getRelation() != null) {
+ requests.onNext(ImportRequest.newBuilder().setOpCode(importElement.getOpcode())
+ .setRelation(importElement.getRelation()).build());
+ }
+ });
requests.onCompleted();
return responses.await(5, TimeUnit.SECONDS);