io.realm.sync.permissions

Class Permission

java.lang.Object

io.realm.RealmObject

io.realm.sync.permissions.Permission

All Implemented Interfaces:

RealmModel

public class Permission
extends RealmObject

This class encapsulates the privileges granted a given Role. These privileges can be applied to either the entire Realm, Classes or individual objects.

If no privileges are defined for an individual object, the values ClassPermissions will be inherited, if no values are defined there, the ones from RealmPermissions will be used. If no values can be found there, no privileges are granted.

Not all privileges are meaningful all levels, e.g. `canCreate` is only meaningful when applied to classes, but it can still be defined at the Realm level. In that case all class permission objects will inherit the value unless they specifically override it. See the individual privileges for the details.

When added to either RealmPermissions, ClassPermissions or a RealmObject, only one Permission object can exist for that role. If multiple objects are added the behavior is undefined and the Object Server might modify or delete both objects.

See Also:

Object Level Permissions for an detailed description of the Realm Object Server permission system.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	Permission.Builder Creates a Permission object in a fluid manner.

Constructor Summary

Constructors

Constructor and Description
Permission()
Permission(Role role) Creates a set of privileges for the given role.

Method Summary

Modifier and Type	Method and Description
boolean	canCreate() Returns true if the role is allowed to create objects, false if not.
boolean	canDelete() Returns true if the role is allowed to delete the object , false if not.
boolean	canModifySchema() Returns true if the role is allowed to modify the schema of the resource, false if not.
boolean	canQuery() Returns true if the role is allowed to query the resource, false if not.
boolean	canRead() Returns true if the role is allowed to read the resource, false if not.
boolean	canSetPermissions() Returns true if this this role is allowed to change permissions on the given resource.
boolean	canUpdate() Returns true if the role is allowed to update the resource, false if not.
Role	getRole() Returns the role these privileges apply to.
void	setCanCreate(boolean canCreate) Defines if this role is allowed to create objects of this type.
void	setCanDelete(boolean canDelete) Defines if this role can delete the given resource or not.
void	setCanModifySchema(boolean canModifySchema) Defines if this role is allowed to modify the schema of this resource.
void	setCanQuery(boolean canQuery) Defines if this role is allowed to query the resource or not.
void	setCanRead(boolean canRead) Defines if this role can read from given resource or not.
void	setCanSetPermissions(boolean canSetPermissions) Defines if this role is allowed to change permissions on the given resource.
void	setCanUpdate(boolean canUpdate) Defines if this role can update the given resource or not.

Methods inherited from class io.realm.RealmObject

addChangeListener, addChangeListener, addChangeListener, addChangeListener, asChangesetObservable, asChangesetObservable, asFlowable, asFlowable, deleteFromRealm, deleteFromRealm, freeze, freeze, getRealm, getRealm, isFrozen, isFrozen, isLoaded, isLoaded, isManaged, isManaged, isValid, isValid, load, load, removeAllChangeListeners, removeAllChangeListeners, removeChangeListener, removeChangeListener, removeChangeListener, removeChangeListener

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Permission

public Permission()

Permission

public Permission(Role role)

Creates a set of privileges for the given role.

Method Detail

getRole

public Role getRole()

Returns the role these privileges apply to.

Returns:

the role these privileges apply to.

canRead

public boolean canRead()

Returns true if the role is allowed to read the resource, false if not.

setCanRead

public void setCanRead(boolean canRead)

Defines if this role can read from given resource or not.

1. Realm: The role is allowed to read all objects from the Realm. If false, the Realm will appear completely empty to the role, effectively making it inaccessible.
2. Class: The role is allowed to read the objects of this type and all referenced objects, even if those objects themselves have set this to false. If false, the role cannot see any object of this type and all queries against the type will return no results.
3. Object: Determines if a role is allowed to see the individual object or not.

Parameters:

canRead - true if the role is allowed to read this resource, false if not.

canUpdate

public boolean canUpdate()

Returns true if the role is allowed to update the resource, false if not.

setCanUpdate

public void setCanUpdate(boolean canUpdate)

Defines if this role can update the given resource or not.

1. Realm: If true, the role is allowed update properties on all objects in the Realm. This does not include updating permissions nor creating or deleting objects.
2. Class: If true, the role is allowed update properties on all objects of this type in the Realm. This does not include updating permissions nor creating or deleting objects.
3. Object: If true, the role is allowed to update properties on the object. This does not cover updating permissions or deleting the object.

Parameters:

canUpdate - true if the role is allowed to update this resource, false if not.

canDelete

public boolean canDelete()

Returns true if the role is allowed to delete the object , false if not.

setCanDelete

public void setCanDelete(boolean canDelete)

Defines if this role can delete the given resource or not.

1. Realm: Not applicable.
2. Class: Not applicable.
3. Object: If true, the role is allowed to delete the object.

Parameters:

canDelete - true if the role is allowed to delete this resource, false if not.

canSetPermissions

public boolean canSetPermissions()

Returns true if this this role is allowed to change permissions on the given resource.

setCanSetPermissions

public void setCanSetPermissions(boolean canSetPermissions)

Defines if this role is allowed to change permissions on the given resource. Permissions can only be granted at the same permission level or below. E.g. if set on a Class, it is not possible to change Realm level permissions, but does allow the role to change object level permissions for objects of that type.

1. Realm: The role is allowed to modify the RealmPermissions object.
2. Class: The role is allowed the change the ClassPermissions object.
3. Object: The role is allowed to change the permissions on this object.

Parameters:

canSetPermissions - true if the role is allowed to change the permissions for this resource.

canQuery

public boolean canQuery()

Returns true if the role is allowed to query the resource, false if not.

setCanQuery

public void setCanQuery(boolean canQuery)

Defines if this role is allowed to query the resource or not.

Note, that local queries are always possible, but the query result will just be empty.

1. Realm: Not applicable.
2. Class: The role is allowed to query objects of this type.
3. Object: Not applicable.

Parameters:

canQuery - true if the role is allowed to query objects of this type.

canCreate

public boolean canCreate()

Returns true if the role is allowed to create objects, false if not.

setCanCreate

public void setCanCreate(boolean canCreate)

Defines if this role is allowed to create objects of this type.

1. Realm: Not applicable.
2. Class: If true, the role is allowed to create objects of this type.
3. Object: Not applicable.

Parameters:

canCreate - true if the role is allowed to create objects of this type.

canModifySchema

public boolean canModifySchema()

Returns true if the role is allowed to modify the schema of the resource, false if not.

setCanModifySchema

public void setCanModifySchema(boolean canModifySchema)

Defines if this role is allowed to modify the schema of this resource.

1. Realm: If true the role is allowed to create classes in the Realm.
2. Class: If true, the role is allowed to add properties to the specified class.
3. Object: Not applicable.

Parameters:

canModifySchema - true if the role is allowed to modify the schema of this resource.