public class OperationChainLimiter extends Object implements GraphHook
OperationChainLimiter is a GraphHook that checks a
user is authorised to execute an operation chain based on that user's maximum chain score and the configured score value for each operation in the chain.
This class requires a map of operation scores.
When using a properties file the last entry in the file that an operation can be assigned to will be the score that is used for that operation.
containing the operations and the score.
E.g if you put gaffer.operation.impl.add.AddElements = 8
And then gaffer.operation.impl.add = 1
The add elements will have a score of 1 not 8.
So make sure to write your properties file in class hierarchical order.
This class also requires a map of authorisation scores,
this is the score value someone with that auth can have, the maximum score value of a users auths is used.
The class delegates the logic to ScoreOperationChainHandler. If you
wish to use the ScoreOperationChain operation and this graph hook,
then both need to have the same score configuration.| Constructor and Description |
|---|
OperationChainLimiter() |
| Modifier and Type | Method and Description |
|---|---|
Map<String,Integer> |
getAuthScores() |
Map<Class<? extends Operation>,Integer> |
getOpScores() |
Map<String,Integer> |
getOpScoresAsStrings() |
Map<Class<? extends Operation>,ScoreResolver> |
getScoreResolvers() |
<T> T |
onFailure(T result,
OperationChain<?> opChain,
Context context,
Exception e)
Called from
Graph if an error occurs whilst
executing the OperationChain. |
<T> T |
postExecute(T result,
OperationChain<?> opChain,
Context context)
Called from
Graph after an OperationChain
is executed. |
void |
preExecute(OperationChain<?> opChain,
Context context)
Checks the
OperationChain is allowed to be executed by the user. |
void |
setAuthScores(Map<String,Integer> authScores) |
void |
setOpScores(Map<Class<? extends Operation>,Integer> opScores) |
void |
setOpScoresFromStrings(Map<String,Integer> opScores) |
void |
setScoreResolvers(Map<Class<? extends Operation>,ScoreResolver> resolvers) |
public void preExecute(OperationChain<?> opChain, Context context)
OperationChain is allowed to be executed by the user.
This is done by checking the user's auths against the auth scores getting the users maximum score limit value.
Then checking the operation score of all operations in the chain and comparing the total score value of the chain against a users maximum score limit.
If an operation cannot be executed then an IllegalAccessError is thrown.preExecute in interface GraphHookcontext - the Context containing the user to authorise.opChain - the operation chain.public <T> T postExecute(T result,
OperationChain<?> opChain,
Context context)
GraphHookGraph after an OperationChain
is executed.postExecute in interface GraphHookT - the result typeresult - the result from the operation chainopChain - the OperationChain that was executed. This can be modified/optimised in any GraphHook.context - the Context in which the operation chain was executed. The context also holds a reference to the original operation chain.public <T> T onFailure(T result,
OperationChain<?> opChain,
Context context,
Exception e)
GraphHookGraph if an error occurs whilst
executing the OperationChain.onFailure in interface GraphHookT - the result typeresult - the result from the operation chain - likely to be null.opChain - the OperationChain that was executed. This can be modified/optimised in any GraphHook.context - the Context in which the operation chain was executed. The context also holds a reference to the original operation chain.e - the exceptionpublic void setOpScoresFromStrings(Map<String,Integer> opScores) throws ClassNotFoundException
ClassNotFoundExceptionpublic Map<Class<? extends Operation>,ScoreResolver> getScoreResolvers()
public void setScoreResolvers(Map<Class<? extends Operation>,ScoreResolver> resolvers)
Copyright © 2022. All rights reserved.