com.atlassian.confluence.plugins.restapi.experimental.resources

Class ExperimentalContentRestrictionsResource

java.lang.Object

com.atlassian.confluence.plugins.restapi.experimental.resources.ExperimentalContentRestrictionsResource

public class ExperimentalContentRestrictionsResource
extends Object

Constructor Summary

Constructors

Constructor and Description
ExperimentalContentRestrictionsResource(ContentRestrictionService service)

Method Summary

Modifier and Type	Method and Description
javax.ws.rs.core.Response	addIndividualGroupRestriction(ContentId contentId, OperationKey operationKey, Group group) Adds singular direct ContentRestriction for operationKey and group for the content identified by contentId parameter.
javax.ws.rs.core.Response	addIndividualUserRestriction(ContentId contentId, OperationKey operationKey, com.atlassian.sal.api.user.UserKey userKey, String userName) Adds singular direct ContentRestriction for operationKey and user for the content identified by contentId parameter.
PageResponse<ContentRestriction>	addRestrictions(ContentId contentId, String expand, PageResponse<ContentRestriction> contentRestrictions) Adds all the restrictions specified to a piece of content identified by contentId.
javax.ws.rs.core.Response	deleteIndividualGroupRestriction(ContentId contentId, OperationKey operationKey, Group group) Deletes singular direct ContentRestriction for operationKey and user from the content identified by contentId parameter.
javax.ws.rs.core.Response	deleteIndividualUserRestriction(ContentId contentId, OperationKey operationKey, com.atlassian.sal.api.user.UserKey userKey, String userName) Deletes singular direct ContentRestriction for operationKey and user from the content identified by contentId parameter.
PageResponse<ContentRestriction>	deleteRestrictions(ContentId contentId, String expand) Removes all the restrictions specified directly on the content.
javax.ws.rs.core.Response	getIndividualGroupRestrictionStatus(ContentId contentId, OperationKey operationKey, Group group) Answers the question "Whether group, identified by groupName is a subject of the restriction for operation operationKey directly specified on a content with ID of ccontentId"
javax.ws.rs.core.Response	getIndividualUserRestrictionStatus(ContentId contentId, OperationKey operationKey, com.atlassian.sal.api.user.UserKey userKey, String userName) Answers the question "Whether user, identified by userKey is a subject of the restriction for operation operationKey directly specified on a content with ID of ccontentId"
PageResponse<ContentRestriction>	getRestrictions(ContentId contentId, String expand, javax.ws.rs.core.UriInfo uriInfo, int start, int limit) Returns all the restrictions which are directly specified on a piece of content identified by contentId param
PageResponse<ContentRestriction>	updateRestrictions(ContentId contentId, String expand, PageResponse<ContentRestriction> contentRestrictions) Sets all the restrictions specified to a piece of content identified by contentId, replacing any existing permissions.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ExperimentalContentRestrictionsResource

public ExperimentalContentRestrictionsResource(ContentRestrictionService service)

Method Detail

getRestrictions

public PageResponse<ContentRestriction> getRestrictions(ContentId contentId,
                                                        String expand,
                                                        @Context
                                                        javax.ws.rs.core.UriInfo uriInfo,
                                                        int start,
                                                        int limit)

Returns all the restrictions which are directly specified on a piece of content identified by contentId param

Example request URI:

• http://example.com/confluence/rest/experimental/content/1234567/restriction?expand=

Parameters:

contentId - content to get restrictions for

expand - a coma separated list of properties to expand in the response. Default is restrictions.user,restrictions.group

uriInfo - injected by Jersey

start - the start point of the collection to return

limit - the limit of the number of items to return, this may be restricted by fixed system limits

Returns:

PageResponse with all the restrictions which are specified directly on a Content

updateRestrictions

public PageResponse<ContentRestriction> updateRestrictions(ContentId contentId,
                                                           String expand,
                                                           PageResponse<ContentRestriction> contentRestrictions)

Sets all the restrictions specified to a piece of content identified by contentId, replacing any existing permissions. Setting per-content restrictions is currently allowed for Pages or BlogPosts only.

Example request URI:

• http://example.com/confluence/rest/experimental/content/1234567/restriction?expand=

Accepts same input format as the response of GET to the same resource would return. For the sake of simplicity also allows stripping of {"results": ... }" part and inlining arrays of specific users/groups directly.

E.g.

Example request (simplified)

 [
   {
     "operation": "update",
     "restrictions":
     {
       "user": [
         {
           "type": "known",
           "username": "admin"
         }
       ]
     }
   }
 ]
 

Rules of applying restrictions via this method:

• Provided collection of ContentRestrictions is allowed to have only 1 (ONE) ContentRestriction object for each operation.
• Provided ContentRestrictions will replace (overwrite) any pre-existing restrictions on the Content under the corresponding operations.
• In case provided collection of ContentRestriction does not have any of the operations supported it is assumed that restrictions for such operation should not be changed at all.
• Restrictions with the "users" and/or "groups" map entries explicitly set to be empty arrays will result in removing corresponding restrictions for the content.
• Restrictions with the "users" and/or "groups" map entries missing will result in not changing corresponding operation's user/group restrictions for the content.
• It is not allowed to edit the restrictions in such a way which would remove requesting user's access.
• Only Page and BlogPost contents are supported.

Parameters:

contentId - content to set restrictions for

expand - a coma separated list of properties to expand in the response. Default is restrictions.user,restrictions.group

Returns:

the new state of the resource. PageResponse with all the restrictions which are specified directly on a Content. Result is the same as the response of GET to the same resource would return.

addRestrictions

public PageResponse<ContentRestriction> addRestrictions(ContentId contentId,
                                                        String expand,
                                                        PageResponse<ContentRestriction> contentRestrictions)

Adds all the restrictions specified to a piece of content identified by contentId. Does not replace/remove/alter any pre-existing ContentRestrictions. Provided ContentRestrictions will be added, i.e. "merged with" any pre-existing restrictions on the Content under the corresponding operations. Changing per-content restrictions is currently allowed for Pages or BlogPosts only.

Example request URI:

• http://example.com/confluence/rest/experimental/content/1234567/restriction?expand=

Accepts same input format as the response of GET to the same resource would return. For the sake of simplicity also allows stripping of {"results": ... }" part and inlining arrays of specific users/groups directly.

E.g.

Example request (simplified)

 [
   {
     "operation": "update",
     "restrictions":
     {
       "user": [
         {
           "type": "known",
           "username": "admin"
         }
       ]
     }
   }
 ]
 

Rules of applying restrictions via this method:

• Provided collection of ContentRestrictions is allowed to have only 1 (ONE) ContentRestriction object for each operation.
• Provided ContentRestrictions will be added, i.e. "merged with" any pre-existing restrictions on the Content under the corresponding operations.
• In case provided collection of ContentRestriction does not have any of the operations supported no changes will happen.
• Restrictions with the "users" and/or "groups" map entries explicitly set to be empty arrays, or null, or missing will result in not changing corresponding operation's user/group restrictions for the content.
• It is not allowed to edit the restrictions in such a way which would remove requesting user's access.
• Only Page and BlogPost contents are supported.

Parameters:

contentId - the id of the content to add restrictions to

contentRestrictions - Collection of ContentRestrictions to add to the Content specified

expand - the expansions to the ContentRestriction. To be expanded on response.

Returns:

the new state of the resource. PageResponse with all the restrictions which are specified directly on a Content. Result is the same as the response of GET to the same resource would return.

deleteRestrictions

public PageResponse<ContentRestriction> deleteRestrictions(ContentId contentId,
                                                           String expand)

Removes all the restrictions specified directly on the content. I.e. makes READ and UPDATE operations unrestricted directly on the content.

User performing this operation must have enough rights to edit the content specified as well as restrictions associated with it in order to proceed.

Parameters:

contentId - the id of the content to remove all restrictions from

expand - the expansions to the ContentRestriction. To be expanded on response.

Returns:

the new state of the resource. PageResponse with all the restrictions which are specified directly on a Content. Result is the same as the response of GET to the same resource would return.

getIndividualUserRestrictionStatus

public javax.ws.rs.core.Response getIndividualUserRestrictionStatus(ContentId contentId,
                                                                    OperationKey operationKey,
                                                                    com.atlassian.sal.api.user.UserKey userKey,
                                                                    String userName)

Answers the question "Whether user, identified by userKey is a subject of the restriction for operation operationKey directly specified on a content with ID of ccontentId"

Content identified by the id must exist and be accessible by the user performing this operation.

Parameters:

contentId - the id of the content to perform the test on

operationKey - key for the Operation for which restrictions are to be checked

userKey - userKey identifying the user in question

Returns:

true if the user in question is listed as a subject in one of the ContentRestircions directly specified on the content, false otherwise

getIndividualGroupRestrictionStatus

public javax.ws.rs.core.Response getIndividualGroupRestrictionStatus(ContentId contentId,
                                                                     OperationKey operationKey,
                                                                     Group group)

Answers the question "Whether group, identified by groupName is a subject of the restriction for operation operationKey directly specified on a content with ID of ccontentId"

Content identified by the id must exist and be accessible by the user performing this operation.

Parameters:

contentId - the id of the content to perform the test on

operationKey - key for the Operation for which restrictions are to be checked

group - group in question identified by the groupName path parameter

Returns:

true if the group in question is listed as a subject in one of the ContentRestircions directly specified on the content, false otherwise

deleteIndividualUserRestriction

public javax.ws.rs.core.Response deleteIndividualUserRestriction(ContentId contentId,
                                                                 OperationKey operationKey,
                                                                 com.atlassian.sal.api.user.UserKey userKey,
                                                                 String userName)

Deletes singular direct ContentRestriction for operationKey and user from the content identified by contentId parameter. Throws subclasses of ServiceException in case of various problems (cannot find content, restrictions to be deleted does not exist, etc...)

Content identified by the id must exist and be accessible by the user performing this operation. User performing this operation must have all the required permissions for that Restriction to be deleted must exist

Parameters:

contentId - the id of the content which the restriction to be removed from

operationKey - the operation to remove restriction for

userKey - userKey identifying the User who's restriction is to be deleted

userName - userName identifying the User who's restriction is to be deleted

Returns:

HTTP.200 if the deletion was successful

deleteIndividualGroupRestriction

public javax.ws.rs.core.Response deleteIndividualGroupRestriction(ContentId contentId,
                                                                  OperationKey operationKey,
                                                                  Group group)

Deletes singular direct ContentRestriction for operationKey and user from the content identified by contentId parameter. Throws subclasses of ServiceException in case of various problems (cannot find content, restrictions to be deleted does not exist, etc...)

Content identified by the id must exist and be accessible by the user performing this operation. User performing this operation must have all the required permissions for that Restriction to be deleted must exist

Parameters:

contentId - the id of the content which the restriction to be removed from

operationKey - the operation to remove restriction for

group - group (constructed from the groupName) identifying the Group who's restriction is to be deleted

Returns:

HTTP.200 if the deletion was successful

addIndividualUserRestriction

public javax.ws.rs.core.Response addIndividualUserRestriction(ContentId contentId,
                                                              OperationKey operationKey,
                                                              com.atlassian.sal.api.user.UserKey userKey,
                                                              String userName)

Adds singular direct ContentRestriction for operationKey and user for the content identified by contentId parameter. Throws subclasses of ServiceException in case of various problems (cannot find content, wrong opkey, not enought permissions, etc...)

Content identified by the id must exist and be accessible by the user performing this operation. User performing this operation must have all the required permissions for that

Parameters:

contentId - the id of the content which the restriction to be added to

operationKey - the operation to add restriction for

userKey - userKey identifying the User who's restriction is to be added

userName - userName identifying the User who's restriction is to be added

Returns:

HTTP.200 if the addition was successful

addIndividualGroupRestriction

public javax.ws.rs.core.Response addIndividualGroupRestriction(ContentId contentId,
                                                               OperationKey operationKey,
                                                               Group group)

Adds singular direct ContentRestriction for operationKey and group for the content identified by contentId parameter. Throws subclasses of ServiceException in case of various problems (cannot find content, wrong opkey, not enought permissions, etc...)

Content identified by the id must exist and be accessible by the user performing this operation. User performing this operation must have all the required permissions for that

Parameters:

contentId - the id of the content which the restriction to be added to

operationKey - the operation to add restriction for

group - group (constructed from the groupName) identifying the Group who's restriction is to be added

Returns:

HTTP.200 if the addition was successful