| /aosp_15_r20/external/grpc-grpc/src/core/lib/security/authorization/ |
| H A D | rbac_policy.cc | 281 // Principal
284 Rbac::Principal Rbac::Principal::MakeAndPrincipal( in MakeAndPrincipal()
285 std::vector<std::unique_ptr<Principal>> principals) { in MakeAndPrincipal()
286 Principal principal; in MakeAndPrincipal() local
287 principal.type = Principal::RuleType::kAnd; in MakeAndPrincipal()
288 principal.principals = std::move(principals); in MakeAndPrincipal()
289 return principal; in MakeAndPrincipal()
292 Rbac::Principal Rbac::Principal::MakeOrPrincipal( in MakeOrPrincipal()
293 std::vector<std::unique_ptr<Principal>> principals) { in MakeOrPrincipal()
294 Principal principal; in MakeOrPrincipal() local
[all …]
|
| H A D | rbac_policy.h | 111 struct Principal { struct
126 static Principal MakeAndPrincipal(
127 std::vector<std::unique_ptr<Principal>> principals);
128 static Principal MakeOrPrincipal(
129 std::vector<std::unique_ptr<Principal>> principals);
130 static Principal MakeNotPrincipal(Principal principal);
131 static Principal MakeAnyPrincipal();
132 static Principal MakeAuthenticatedPrincipal(
134 static Principal MakeSourceIpPrincipal(CidrRange ip);
135 static Principal MakeDirectRemoteIpPrincipal(CidrRange ip);
[all …]
|
| H A D | matchers.cc | 80 Rbac::Principal principal) { in Create() argument
81 switch (principal.type) { in Create()
82 case Rbac::Principal::RuleType::kAnd: { in Create()
84 matchers.reserve(principal.principals.size()); in Create()
85 for (const auto& id : principal.principals) { in Create()
90 case Rbac::Principal::RuleType::kOr: { in Create()
92 matchers.reserve(principal.principals.size()); in Create()
93 for (const auto& id : principal.principals) { in Create()
98 case Rbac::Principal::RuleType::kNot: in Create()
100 AuthorizationMatcher::Create(std::move(*principal.principals[0]))); in Create()
[all …]
|
| /aosp_15_r20/external/rust/android-crates-io/crates/grpcio-sys/grpc/src/core/lib/security/authorization/ |
| D | rbac_policy.cc | 283 // Principal
286 Rbac::Principal Rbac::Principal::MakeAndPrincipal( in MakeAndPrincipal()
287 std::vector<std::unique_ptr<Principal>> principals) { in MakeAndPrincipal()
288 Principal principal; in MakeAndPrincipal() local
289 principal.type = Principal::RuleType::kAnd; in MakeAndPrincipal()
290 principal.principals = std::move(principals); in MakeAndPrincipal()
291 return principal; in MakeAndPrincipal()
294 Rbac::Principal Rbac::Principal::MakeOrPrincipal( in MakeOrPrincipal()
295 std::vector<std::unique_ptr<Principal>> principals) { in MakeOrPrincipal()
296 Principal principal; in MakeOrPrincipal() local
[all …]
|
| D | rbac_policy.h | 111 struct Principal { struct
126 static Principal MakeAndPrincipal(
127 std::vector<std::unique_ptr<Principal>> principals);
128 static Principal MakeOrPrincipal(
129 std::vector<std::unique_ptr<Principal>> principals);
130 static Principal MakeNotPrincipal(Principal principal);
131 static Principal MakeAnyPrincipal();
132 static Principal MakeAuthenticatedPrincipal(
134 static Principal MakeSourceIpPrincipal(CidrRange ip);
135 static Principal MakeDirectRemoteIpPrincipal(CidrRange ip);
[all …]
|
| /aosp_15_r20/external/googleapis/google/cloud/policytroubleshooter/iam/v3beta/ |
| H A D | troubleshooter.proto | 43 // Checks whether a principal has a specific permission for a specific
44 // resource, and explains why the principal does or doesn't have that
55 // Whether IAM allow policies gives the principal the permission.
60 // The allow policy gives the principal the permission.
63 // The allow policy doesn't give the principal the permission.
66 // The allow policy gives the principal the permission if a condition
73 // that Policy Troubleshooter needs to evaluate the principal's access.
77 // Whether IAM deny policies deny the principal the permission.
82 // The deny policy denies the principal the permission.
85 // The deny policy doesn't deny the principal the permission.
[all …]
|
| /aosp_15_r20/external/googleapis/google/cloud/policytroubleshooter/iam/v3/ |
| H A D | troubleshooter.proto | 46 // Checks whether a principal has a specific permission for a specific
47 // resource, and explains why the principal does or doesn't have that
58 // Whether IAM allow policies gives the principal the permission.
63 // The allow policy gives the principal the permission.
66 // The allow policy doesn't give the principal the permission.
69 // The allow policy gives the principal the permission if a condition
76 // that Policy Troubleshooter needs to evaluate the principal's access.
80 // Whether IAM deny policies deny the principal the permission.
85 // The deny policy denies the principal the permission.
88 // The deny policy doesn't deny the principal the permission.
[all …]
|
| /aosp_15_r20/external/aws-sdk-java-v2/test/test-utils/src/test/java/software/amazon/awssdk/core/auth/policy/ |
| H A D | PolicyTest.java | 27 import software.amazon.awssdk.core.auth.policy.Principal.Service;
28 import software.amazon.awssdk.core.auth.policy.Principal.WebIdentityProvider;
46 .withPrincipals(new Principal("accountId1"), in testPrincipals()
47 new Principal("accountId2")) in testPrincipals()
58 assertTrue(statement.has("Principal")); in testPrincipals()
62 JsonNode users = statement.get("Principal").get("AWS"); in testPrincipals()
70 .withPrincipals(new Principal(Principal.Service.AmazonEC2), in testPrincipals()
71 … new Principal(Principal.Service.AmazonElasticTranscoder)) in testPrincipals()
80 assertTrue(statement.has("Principal")); in testPrincipals()
84 JsonNode services = statement.get("Principal").get("Service"); in testPrincipals()
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/gensrcs/libcore/ojluni/src/main/java/java/security/acl/ |
| D | Acl.java | 29 import java.security.Principal;
38 * set of permissions associated with a particular principal. (A
39 * principal represents an entity such as an individual user or a
42 * granted to the associated principal. If negative, the permissions
47 * <ul> <li>Each principal can have at most one positive ACL entry and
49 * entries are not allowed for any principal. Each entry specifies
53 * <li>If there is no entry for a particular principal, then the
54 * principal is considered to have a null (empty) permission set.
56 * <li>If there is a positive entry that grants a principal a
58 * principal the same permission, the result is as though the
[all …]
|
| D | Group.java | 29 import java.security.Principal;
32 * This interface is used to represent a group of principals. (A principal
35 * Note that Group extends Principal. Thus, either a Principal or a Group can
36 * be passed as an argument to methods containing a Principal parameter. For
37 * example, you can add either a Principal or a Group to a Group object by
39 * Principal or Group.
49 public interface Group extends Principal {
54 * @param user the principal to add to this group.
57 * false if the principal was already a member.
59 public boolean addMember(Principal user); in addMember()
[all …]
|
| /aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/10/libcore/ojluni/src/main/java/java/security/acl/ |
| D | Acl.java | 29 import java.security.Principal;
38 * set of permissions associated with a particular principal. (A
39 * principal represents an entity such as an individual user or a
42 * granted to the associated principal. If negative, the permissions
47 * <ul> <li>Each principal can have at most one positive ACL entry and
49 * entries are not allowed for any principal. Each entry specifies
53 * <li>If there is no entry for a particular principal, then the
54 * principal is considered to have a null (empty) permission set.
56 * <li>If there is a positive entry that grants a principal a
58 * principal the same permission, the result is as though the
[all …]
|
| D | Group.java | 29 import java.security.Principal;
32 * This interface is used to represent a group of principals. (A principal
35 * Note that Group extends Principal. Thus, either a Principal or a Group can
36 * be passed as an argument to methods containing a Principal parameter. For
37 * example, you can add either a Principal or a Group to a Group object by
39 * Principal or Group.
49 public interface Group extends Principal {
54 * @param user the principal to add to this group.
57 * false if the principal was already a member.
59 public boolean addMember(Principal user); in addMember()
[all …]
|
| /aosp_15_r20/libcore/ojluni/src/main/java/java/security/acl/ |
| H A D | Acl.java | 29 import java.security.Principal;
38 * set of permissions associated with a particular principal. (A
39 * principal represents an entity such as an individual user or a
42 * granted to the associated principal. If negative, the permissions
47 * <ul> <li>Each principal can have at most one positive ACL entry and
49 * entries are not allowed for any principal. Each entry specifies
53 * <li>If there is no entry for a particular principal, then the
54 * principal is considered to have a null (empty) permission set.
56 * <li>If there is a positive entry that grants a principal a
58 * principal the same permission, the result is as though the
[all …]
|
| H A D | Group.java | 29 import java.security.Principal;
32 * This interface is used to represent a group of principals. (A principal
35 * Note that Group extends Principal. Thus, either a Principal or a Group can
36 * be passed as an argument to methods containing a Principal parameter. For
37 * example, you can add either a Principal or a Group to a Group object by
39 * Principal or Group.
49 public interface Group extends Principal {
54 * @param user the principal to add to this group.
57 * false if the principal was already a member.
59 public boolean addMember(Principal user); in addMember()
[all …]
|
| /aosp_15_r20/external/aws-sdk-java-v2/test/test-utils/src/main/java/software/amazon/awssdk/core/auth/policy/ |
| H A D | Principal.java | 19 * A principal is an AWS account or AWS web service, which is being allowed or denied access to a
20 * resource through an access control policy. The principal is a property of the
23 * The principal is A in the statement
26 * In an access control policy statement, you can set the principal to all
27 * authenticated AWS users through the {@link Principal#ALL_USERS} member. This
32 public class Principal { class
35 * Principal instance that includes all users, including anonymous users.
41 public static final Principal ALL_USERS = new Principal("AWS", "*");
44 * Principal instance that includes all AWS web services.
46 public static final Principal ALL_SERVICES = new Principal("Service", "*");
[all …]
|
| /aosp_15_r20/external/rust/android-crates-io/crates/grpcio-sys/grpc/src/core/ext/filters/rbac/ |
| D | rbac_service_config_parser.cc | 141 // Principal: a matcher for client identity
142 struct Principal { struct
145 std::vector<Principal> ids;
162 std::unique_ptr<Rbac::Principal> principal; member
164 Principal() = default;
165 Principal(const Principal&) = delete;
166 Principal& operator=(const Principal&) = delete;
167 Principal(Principal&&) = default;
168 Principal& operator=(Principal&&) = default;
170 static std::vector<std::unique_ptr<Rbac::Principal>>
[all …]
|
| /aosp_15_r20/external/grpc-grpc/src/core/ext/filters/rbac/ |
| H A D | rbac_service_config_parser.cc | 141 // Principal: a matcher for client identity
142 struct Principal { struct
145 std::vector<Principal> ids;
162 std::unique_ptr<Rbac::Principal> principal; member
164 Principal() = default;
165 Principal(const Principal&) = delete;
166 Principal& operator=(const Principal&) = delete;
167 Principal(Principal&&) = default;
168 Principal& operator=(Principal&&) = default;
170 static std::vector<std::unique_ptr<Rbac::Principal>>
[all …]
|
| /aosp_15_r20/external/googleapis/google/cloud/policysimulator/v1/ |
| H A D | explanations.proto | 32 // Whether a principal has a permission for a resource.
37 // The principal has the permission.
40 // The principal does not have the permission.
43 // The principal has the permission only if a condition expression evaluates
54 // or whether a binding includes a specific principal, contributes to an overall
69 // Information about the principal, resource, and permission to check.
71 // Required. The principal whose access you want to check, in the form of
72 // the email address that represents that principal. For example,
76 // The principal must be a Google Account or a service account. Other types of
78 string principal = 1 [(google.api.field_behavior) = REQUIRED]; field
[all …]
|
| /aosp_15_r20/external/googleapis/google/cloud/policytroubleshooter/v1/ |
| H A D | explanations.proto | 28 // Information about the principal, resource, and permission to check.
30 // Required. The principal whose access you want to check, in the form of
31 // the email address that represents that principal. For example,
35 // The principal must be a Google Account or a service account. Other types of
37 string principal = 1 [(google.api.field_behavior) = REQUIRED]; field
46 // Required. The IAM permission to check for the specified principal and
61 // specified principal for the specified resource.
63 // This field does _not_ indicate whether the principal actually has the
65 // this policy. To determine whether the principal actually has the
86 // Details about how each binding in the policy affects the principal's
[all …]
|
| /aosp_15_r20/libcore/harmony-tests/src/test/java/org/apache/harmony/tests/javax/security/auth/x500/ |
| H A D | X500PrincipalTest.java | 281 X500Principal principal = new X500Principal( in test_ConstructorLjava_lang_String() local
283 String name = principal.getName(); in test_ConstructorLjava_lang_String()
306 X500Principal principal = new X500Principal( in test_getNameLjava_lang_String() local
308 String canonical = principal.getName(X500Principal.CANONICAL); in test_getNameLjava_lang_String()
352 X500Principal principal = new X500Principal(is); in testStreamPosition() local
353 String s = principal.toString(); in testStreamPosition()
373 X500Principal principal = new X500Principal(is); in testStreamPosition_0() local
374 String s = principal.toString(); in testStreamPosition_0()
400 X500Principal principal = new X500Principal(is); in testStreamPosition_1() local
402 String s = principal.getName(X500Principal.RFC1779); in testStreamPosition_1()
[all …]
|
| /aosp_15_r20/external/python/google-api-python-client/googleapiclient/discovery_cache/documents/ |
| D | policytroubleshooter.v1.json | 111 …escription": "Checks whether a principal has a specific permission for a specific resource, and ex…
135 "description": "Information about the principal, resource, and permission to check.",
143 …"description": "Required. The IAM permission to check for the specified principal and resource. Fo…
146 "principal": { object
147 …principal whose access you want to check, in the form of the email address that represents that pr…
154 …"description": "Details about how a binding in a policy affects a principal's ability to use a per…
158 …principal for the specified resource. This field does _not_ indicate whether the principal actuall…
168 "The principal has the permission.",
169 "The principal does not have the permission.",
170 "The principal has the permission only if a condition expression evaluates to `true`.",
[all …]
|
| /aosp_15_r20/external/sdk-platform-java/java-iam/proto-google-iam-v2/src/main/java/com/google/iam/v2/ |
| H A D | DenyRule.java | 81 * any principal that is on the internet, even if they do not have a Google
83 * * `principal://goog/subject/{email_id}`: A specific Google Account.
85 * example, `principal://goog/subject/alice@example.com`.
86 * * `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
88 * `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
98 * * `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
100 …* `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gservice…
101 …* * `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={u…
103 …* `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.…
126 * any principal that is on the internet, even if they do not have a Google
[all …]
|
| H A D | DenyRuleOrBuilder.java | 33 * any principal that is on the internet, even if they do not have a Google
35 * * `principal://goog/subject/{email_id}`: A specific Google Account.
37 * example, `principal://goog/subject/alice@example.com`.
38 * * `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
40 * `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
50 * * `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
52 …* `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gservice…
53 …* * `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={u…
55 …* `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.…
76 * any principal that is on the internet, even if they do not have a Google
[all …]
|
| /aosp_15_r20/external/sdk-platform-java/java-iam/proto-google-iam-v2beta/src/main/java/com/google/iam/v2beta/ |
| H A D | DenyRule.java | 83 * any principal that is on the internet, even if they do not have a Google
85 * * `principal://goog/subject/{email_id}`: A specific Google Account.
87 * example, `principal://goog/subject/alice@example.com`.
88 * * `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
90 * `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
100 * * `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
102 …* `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gservice…
103 …* * `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={u…
105 …* `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.…
128 * any principal that is on the internet, even if they do not have a Google
[all …]
|
| H A D | DenyRuleOrBuilder.java | 33 * any principal that is on the internet, even if they do not have a Google
35 * * `principal://goog/subject/{email_id}`: A specific Google Account.
37 * example, `principal://goog/subject/alice@example.com`.
38 * * `deleted:principal://goog/subject/{email_id}?uid={uid}`: A specific
40 * `deleted:principal://goog/subject/alice@example.com?uid=1234567890`. If
50 * * `principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}`:
52 …* `principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.gservice…
53 …* * `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/{service_account_id}?uid={u…
55 …* `deleted:principal://iam.googleapis.com/projects/-/serviceAccounts/my-service-account@iam.…
76 * any principal that is on the internet, even if they do not have a Google
[all …]
|