com.atlassian.confluence.api.service.permissions

Interface OperationService

All Known Implementing Classes:

OperationServiceImpl

@ExperimentalApi
 @ParametersAreNonnullByDefault
public interface OperationService

Since:

5.8

Method Summary

Modifier and Type	Method and Description
Map<Target,ValidationResult>	canPerform(Person person, Operation operation, Iterable<Target> targets) Check whether the specified Person can perform a particular operation on each of the specified targets.
ValidationResult	canPerform(Person person, Operation operation, Target target) Check whether a person can perform a particular operation on a particular target.
Map<Target,ValidationResult>	canPerformWithoutExemptions(Person person, Operation operation, Iterable<Target> targets) Check whether the specified Person can perform a particular operation on each of the specified targets.
ValidationResult	canPerformWithoutExemptions(Person person, Operation operation, Target target) Check whether a person can perform a particular operation on a particular target.
List<OperationDescription>	getAllOperationsForType(TargetType targetType) For a given target type, list all operations this service can provide information about.
List<OperationCheckResult>	getAvailableOperations(Person person, Target target) List all operations that a person can perform on a particular target.
List<OperationCheckResult>	getAvailableOperations(Target target) List all operations that the current user can perform on a particular target.
<T> T	withExemption(Supplier<T> task) Execute the given task with permission exemption.

Method Detail

getAllOperationsForType

@Nonnull
List<OperationDescription> getAllOperationsForType(TargetType targetType)

For a given target type, list all operations this service can provide information about.

Returns:

a list describing all operations for which this service can provide permission and validation information for the specified target type

Throws:

BadRequestException - if targetType is null

PermissionException - if targetType is unknown (e.g. for custom types for which no OperationDelegates are registered)

getAvailableOperations

@Nonnull
List<OperationCheckResult> getAvailableOperations(Person person,
                                                           Target target)

List all operations that a person can perform on a particular target.

Parameters:

person - the Person on which to perform a permission and validation check

target - the Target to check permission for

Returns:

a list (possibly empty) of operations the person has permission to perform on this target in its current state, i.e. for which canPerform(Person, Operation, Target) would return a valid and authorized result.

Throws:

BadRequestException - if person or target is null

NotFoundException - if target doesn't exist

PermissionException - if targetType is unknown (e.g. for custom types for which no OperationDelegates are registered)

getAvailableOperations

@Nonnull
List<OperationCheckResult> getAvailableOperations(Target target)

List all operations that the current user can perform on a particular target.

Parameters:

target - the Target to check permission for

Returns:

a list (possibly empty) of operations the current user has permission to perform on this target in its current state, i.e. for which canPerform(Person, Operation, Target) would return a valid and authorized result.

Throws:

BadRequestException - if target is null

NotFoundException - if target doesn't exist

PermissionException - if targetType is unknown (e.g. for custom types for which no OperationDelegates are registered)

canPerform

@Nonnull
ValidationResult canPerform(Person person,
                                     Operation operation,
                                     Target target)

Check whether a person can perform a particular operation on a particular target.

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

target - the Target to check permission for

Returns:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

Throws:

BadRequestException - if person, operation or target is null, or if target points to the wrong kind of object for this operation check.

canPerformWithoutExemptions

@Nonnull
ValidationResult canPerformWithoutExemptions(Person person,
                                                      Operation operation,
                                                      Target target)

Check whether a person can perform a particular operation on a particular target.

This check doesn't grant permission exemptions when called using #withExemption(Runnable).

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

target - the Target to check permission for

Returns:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

Throws:

BadRequestException - if person, operation or target is null, or if target points to the wrong kind of object for this operation check.

canPerform

@Nonnull
Map<Target,ValidationResult> canPerform(Person person,
                                                 Operation operation,
                                                 Iterable<Target> targets)

Check whether the specified Person can perform a particular operation on each of the specified targets. (Bulk version of canPerform(Person, Operation, Target).)

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

targets - the Targets to individually check permission for; at least one target is required; must all be of the same TargetType

Returns:

a Map providing a ValidationResult for each of the supplied targets. Results for each target will be as follows:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

Throws:

BadRequestException - if any of the parameters are null, or if targets is empty, contains null targets or mixed TargetTypes, or if any target points to the wrong kind of object for this operation check.

canPerformWithoutExemptions

@Nonnull
Map<Target,ValidationResult> canPerformWithoutExemptions(Person person,
                                                                  Operation operation,
                                                                  Iterable<Target> targets)

Check whether the specified Person can perform a particular operation on each of the specified targets. (Bulk version of canPerform(Person, Operation, Target).)

This check doesn't grant permission exemptions when called using #withExemption(Runnable).

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

targets - the Targets to individually check permission for; at least one target is required; must all be of the same TargetType

Returns:

a Map providing a ValidationResult for each of the supplied targets. Results for each target will be as follows:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

Throws:

BadRequestException - if any of the parameters are null, or if targets is empty, contains null targets or mixed TargetTypes, or if any target points to the wrong kind of object for this operation check.

withExemption

<T> T withExemption(Supplier<T> task)

Execute the given task with permission exemption.

Calls to canPerform(Person, Operation, Iterable) and canPerform(Person, Operation, Target) within the executed task will return an authorized and valid result if the operation can be performed on each target based on the target's state, irrespective of the user's permissions. Calls to other permission checks in confluence may also be affected.

Use with care.

Parameters:

task - task to execute with permission exemption