Policy

Policy

An authorization policy that controls access to TDF ciphertext.

This object is intended to be read-only. Modifications to the policy should be made through builder().

Constructor

new Policy()

Construct an empty policy, for instance, to initialize a PolicyBuilder. The following lines are equivalent:
     new Virtru.Policy().builder();
     new Virtru.PolicyBuilder();

Methods

builder()

Construct a PolicyBuilder which is prepopulated with the contents of this policy.

getExpirationDeadline() → {string}

Get the deadline after which this policy is expired. The policy this data controls may no longer be accessed by users
Returns:
- expiration deadline in ISO 8601 form (e.g., "2022-08-12T14:37:26.101Z").
Type
string

getPolicyId() → {string}

Get the unique identifier associated with this policy. The policyId is set automatically when building EncryptParamsBuilder.
Returns:
- the policy id.
Type
string

getUsersWithAccess() → {array}

Get the list of users authorized to decrypt the encrypted data.
Returns:
- an array of all users whitelisted for access to the encrypted data.
Type
array

hasReshare() → {boolean}

True if the authorization policy has the reshare feature enabled. In the near future, this flag will allow authorized users to forward encrypted data to other users as desired.
Returns:
Type
boolean

hasUsersWithAccess(…users) → {boolean}

True if all of the provided users are authorized to decrypt the encrypted data.
Parameters:
Name Type Attributes Description
users iterable <repeatable>
Varargs or an array of the users (e.g., email addresses) to check access for.
Returns:
Type
boolean

hasUserWithAccess(user) → {boolean}

True if the provided user is authorized to decrypt the encrypted data.
Parameters:
Name Type Description
user string the user (e.g., email address) to check access for.
Returns:
Type
boolean

hasWatermarking()

True if the authorization policy has the watermarking feature enabled. This will add a watermark when viewed in Secure Reader.

Warning: Data with watermarking enabled can only be decrypted using Secure Reader.