Conditions are expressions using JEXL that control access to something.
Conditions are a single expression.
Conditions can be applied to:
-
entire directories (in the permissions.jexl file)
-
Pipelines
-
Endpoints
The context of a Condition includes three variables:
-
a variable of type uk.co.spudsoft.query.exec.conditions.RequestContext called "req" that includes:
-
requestId A unique ID for the request. If Distributed Tracing is enabled this will be the Span ID, otherwise it will be a random UUID.
-
String url The full URL of the request.
-
host The host extracted from the URL.
-
arguments
An com.google.common.collect.ImmutableMap of query string arguments.
The arguments will be typed according to their specified uk.co.spudsoft.query.defn.DataType and will either be a single value or, if the argument is multi-valued, an com.google.common.collect.ImmutableList or typed values.
Note that the arguments are only typed when a pipeline instance is created, if the arguments field is access before (i.e. in a folder permissions.jexl file) all values will be strings. * params
A io.vertx.core.MultiMap of un-processed query string argumets. * headers
A io.vertx.core.MultiMap of request headers. * cookies
A java.util.Map map of request cookies. * clientIp
The IP address of client making the request, taken from the first of:
-
The X-Cluster-Client-IP header.
-
The X-Forwarded-For header.
-
The actual IP address making the TCP connection.
-
jwt The Json Web Token associated with the request, if any.
-
clientIpIsIn A function that receives an array of IP addresses or subnets (in slash notation) and returns true if the clientIp matches any of them.
-
a variable of type integer called "iteration" that is incremented each time the condition is evaluated. <br>For conditions evaluated in the context of a DataRow this can be used as a surrogate for the row number.
-
a variable of type uk.co.spudsoft.query.exec.DataRow called "row" that will be set to the current DataRow if there is one, or an empty row if not.
A condition should return either the true or false. In addition if it returns the string "true" it will be considered to be true. Any other return value will be considered false.
Some examples Conditions are
*
requestContext != null
Checks that the request context is not null, pretty useless in a live environment. *
requestContext.clientIpIsIn('127.0.0.1/32','172.17.0.1/16','0:0:0:0:0:0:0:1')
Checks that the client IP address is either localhost or in "172.17.0.0/16". *
requestContext.host == 'localhost'
Checks that the host on the request is localhost.
When referencing optional arguments use "Map accesses" (args['argName']
) rather than "JavaBean property access" (args.argName
).
The dotted approach will generate an error if the argument is not supplied.
Name |
Type |
Details |