Module: caf_security/aggregates

Authorization rule that implements linked local namespaces with an AggregateMap (see external:caf_sharing/AggregateMap).

Source:

Methods

computeRuleId(rule) → {string}

Computes a content-based identifier for a rule.

Parameters:
Name Type Description
rule ruleType

A rule.

Source:
See:
Throws:

Invalid rule.

Type
Error
Returns:

A unique identifier based on the contents of that rule.

Type
string

isAuthorized(caOwner, caLocalName, method, rE) → {boolean}

Checks whether a CA is authorized to make a method call.

Parameters:
Name Type Description
caOwner string

The owner of the calling CA.

caLocalName string

The local name of the calling CA.

method string

A method to authorize.

rE ruleEngineType

A data structure to speed up checks.

Source:
Returns:

True if authorized.

Type
boolean

newAggregateRule(methodsopt, aggregateMapAlias) → {ruleType}

Constructor for a rule that uses an AggregateMap to represent a linked local namespace.

Note that aggregate rules are only active if the corresponding AggregateMap has been added using the caf_sharing plugin.

Parameters:
Name Type Attributes Description
methods Array.<string> | string <optional>

Methods to enable.

aggregateMapAlias string

The alias that we used to instantiate the AggregateMap.

Source:
See:
Returns:

An authorization rule.

Type
ruleType

newRuleEngine(ca, rules) → {ruleEngineType}

Preprocess an array of rules for quick authorization checks.

Parameters:
Name Type Description
ca Object

The CA that contains the security plugin.

rules Array.<ruleType>

A set of rules to pre-process.

Source:
Returns:

An engine to speed up checks.

Type
ruleEngineType