PolicyBuilder

PolicyBuilder

A builder class for Virtru policies. All attempts to change policy parameters should be run through this class.

   // Construct a policy builder
   const policy = new Virtru.PolicyBuilder()   // Or equivalently, `new Virtru.Policy().builder()`.
     .addUsersWithAccess('alice@example.com')  // Allow alice@example.com to decrypt.
     .enableExpirationDeadlineFromNow(60 * 5)  // Expire alice's access to the data five minutes from now.
     .build()

  // Apply this policy to the encrypted data by providing it to EncryptParamsBuilder.
  const encryptParams = new Virtru.EncryptParamsBuilder()
      .withStringSource("Hello, world!")
      .withPolicy(policy)
      // In this case we can skip calling withUsersWithAccess(), since it's already set on the policy.
      .build();
  const ct = await client.encrypt(encryptParams);
   

Constructor

new PolicyBuilder(policy)

Construct a new PolicyBuilder, optionally providing a policy to copy for modification.
Parameters:
Name Type Description
policy Policy the Policy to base this builder on. Changes will not mutate the copied policy.

Methods

addUsersWithAccess(…users)

Adds a varargs or an array of new users to the policy. If nonempty, this PolicyBuilder's list will overwite any users provided to EncryptParamsBuilder.
Parameters:
Name Type Attributes Description
users iterable <repeatable>
new user email addresses to be added to the policy. Can be provided either as varargs or as an array.

disableExpirationDeadline()

Disable expiration on the data.

disableOneClick()

Disables the 'one-click' flag on the policy

disableReshare()

Disables the 're-share' flag on the policy, which is already enabled by default. In the near future, disabling this flag will disallow authorized users to forward encrypted data to other users.

disableWatermarking()

Enable watermarking for the encrypted data. This will add a watermark when viewed in Secure Reader.

Warning: Data with watermarking enabled can only be decrypted using Secure Reader.

enableExpirationDeadline(deadline)

Adds or updates an expiration on the policy. Note that the policy owner can continue to decrypt data past expiration.
Parameters:
Name Type Description
deadline string a ISO 8601 date string (e.g., "2022-08-12T14:37:26.101Z").

enableExpirationDeadlineFromNow(secsFromNow)

Adds or updates an expiration on the policy. Note that the policy owner can continue to decrypt data past expiration.
Parameters:
Name Type Default Description
secsFromNow number 0 the number of seconds from now to set the deadline (e.g., `60` to expire in a minute).

enableOneClick()

Enables the 'one-click' flag on the policy

enableReshare()

Enables the 're-share' flag on the policy, which is already enabled by default. In the near future, enabling this flag will allow authorized users to forward encrypted data to other users as desired.

enableWatermarking()

Enable watermarking on the encrypted data. This will add a watermark when viewed in Secure Reader.

Warning: Data with watermarking enabled can only be decrypted using Secure Reader.

getOwner() → {string}

User sets to be owner of policy, and implicitly grands new owner an access
Returns:
- owner.
Type
string

getUsersWithAccess() → {array}

Get a copy of the list of users authorized to decrypt the encrypted data. If nonempty, this PolicyBuilder's list will overwite any users provided to EncryptParamsBuilder.
Returns:
- an array of all users whitelisted for access to the encrypted data.
Type
array

removeUsersWithAccess(…users)

Removes any number of users from the policy. If nonempty this PolicyBuilder's list will overwite any users provided to EncryptParamsBuilder.
Parameters:
Name Type Attributes Description
users iterable <repeatable>
varargs or an array of users (by email) that is to be removed from the policy. Can be provided either as varargs or as an array.

setOwner(ownerEmail)

User sets to be owner of policy, and implicitly grands new owner an access
Parameters:
Name Type Description
ownerEmail string Email of user that sets to be owner

setUsersWithAccess(…users)

Overwrite the users access list with the provided list. If nonempty, this PolicyBuilder's list will overwite any users provided to EncryptParamsBuilder.
Parameters:
Name Type Attributes Description
users iterable <repeatable>
full list of email addresses to be set on the policy. Can be provided either as varargs or as an array.

withOwner() → {PolicyBuilder}

setOwner for chaining syntax usage
Returns:
- this object.
Type
PolicyBuilder

withUsersWithAccess(…users) → {PolicyBuilder}

Overwrite the users access list with the provided list. If nonempty, this PolicyBuilder's list will overwite any users provided to EncryptParamsBuilder. Returns this object for method chaining.
Parameters:
Name Type Attributes Description
users iterable <repeatable>
full list of email addresses to be set on to the policy. Can be provided either as varargs or as an array.
Returns:
- this object.
Type
PolicyBuilder