com.atlassian.confluence.api.impl.service.permissions

Class OperationServiceImpl

java.lang.Object

com.atlassian.confluence.api.impl.service.permissions.OperationServiceImpl

All Implemented Interfaces:

OperationService

@ParametersAreNonnullByDefault
public class OperationServiceImpl
extends Object
implements OperationService

Constructor Summary

Constructors

Constructor and Description
OperationServiceImpl(Map<TargetType,OperationDelegate> operationDelegates, PersonFactory personFactory, UserAccessorInternal userAccessor, PermissionCheckExemptions permissionCheckExemptions, AccessModeManager accessModeManager)

Method Summary

Modifier and Type	Method and Description
@NonNull Map<Target,ValidationResult>	canPerform(Person person, Operation operation, Iterable<Target> targets) Checks if the given user is able to perform the specified operation on the specified targets.
@NonNull ValidationResult	canPerform(Person person, Operation operation, Target target) Checks if the given user is able to perform the specified operation on the specified target.
@NonNull Map<Target,ValidationResult>	canPerformWithoutExemptions(Person person, Operation operation, Iterable<Target> targets) Check whether the specified Person can perform a particular operation on each of the specified targets.
@NonNull ValidationResult	canPerformWithoutExemptions(Person person, Operation operation, Target target) Check whether a person can perform a particular operation on a particular target.
@NonNull List<OperationDescription>	getAllOperationsForType(TargetType targetType) For a given target type, list all operations this service can provide information about.
@NonNull List<OperationCheckResult>	getAvailableOperations(Person person, Target target) List all operations that a person can perform on a particular target.
@NonNull List<OperationCheckResult>	getAvailableOperations(Target target) List all operations that the current user can perform on a particular target.
<T> T	withExemption(Supplier<T> task) Execute the given task with permission exemption.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OperationServiceImpl

public OperationServiceImpl(Map<TargetType,OperationDelegate> operationDelegates,
                            PersonFactory personFactory,
                            UserAccessorInternal userAccessor,
                            PermissionCheckExemptions permissionCheckExemptions,
                            AccessModeManager accessModeManager)

Method Detail

getAllOperationsForType

public @NonNull List<OperationDescription> getAllOperationsForType(TargetType targetType)

Description copied from interface: OperationService

For a given target type, list all operations this service can provide information about.

Specified by:

getAllOperationsForType in interface OperationService

Returns:

a list describing all operations for which this service can provide permission and validation information for the specified target type

getAvailableOperations

public @NonNull List<OperationCheckResult> getAvailableOperations(Person person,
                                                                  Target target)

Description copied from interface: OperationService

List all operations that a person can perform on a particular target.

Specified by:

getAvailableOperations in interface OperationService

Parameters:

person - the Person on which to perform a permission and validation check

target - the Target to check permission for

Returns:

a list (possibly empty) of operations the person has permission to perform on this target in its current state, i.e. for which OperationService.canPerform(Person, Operation, Target) would return a valid and authorized result.

getAvailableOperations

public @NonNull List<OperationCheckResult> getAvailableOperations(Target target)

Description copied from interface: OperationService

List all operations that the current user can perform on a particular target.

Specified by:

getAvailableOperations in interface OperationService

Parameters:

target - the Target to check permission for

Returns:

a list (possibly empty) of operations the current user has permission to perform on this target in its current state, i.e. for which OperationService.canPerform(Person, Operation, Target) would return a valid and authorized result.

canPerform

public final @NonNull ValidationResult canPerform(Person person,
                                                  Operation operation,
                                                  Target target)

Checks if the given user is able to perform the specified operation on the specified target. operationCheck::canPerform -> see Operation Delegate class for the type of target (eg AttachmentOperationDelegate, PageOperationDelegate)

Specified by:

canPerform in interface OperationService

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

target - the Target to check permission for

Returns:

a single ValidationResult

canPerformWithoutExemptions

public @NonNull ValidationResult canPerformWithoutExemptions(Person person,
                                                             Operation operation,
                                                             Target target)

Description copied from interface: OperationService

Check whether a person can perform a particular operation on a particular target.

This check doesn't grant permission exemptions when called using #withExemption(Runnable).

Specified by:

canPerformWithoutExemptions in interface OperationService

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

target - the Target to check permission for

Returns:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

canPerform

public final @NonNull Map<Target,ValidationResult> canPerform(Person person,
                                                              Operation operation,
                                                              Iterable<Target> targets)

Checks if the given user is able to perform the specified operation on the specified targets. operationCheck::canPerform -> see Operation Delegate class for the type of target (eg AttachmentOperationDelegate, PageOperationDelegate)

Specified by:

canPerform in interface OperationService

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

targets - the Targets to individually check permission for; at least one target is required; must all be of the same TargetType

Returns:

a map of targets and ValidationResults from the specified operation.

canPerformWithoutExemptions

public @NonNull Map<Target,ValidationResult> canPerformWithoutExemptions(Person person,
                                                                         Operation operation,
                                                                         Iterable<Target> targets)

Description copied from interface: OperationService

Check whether the specified Person can perform a particular operation on each of the specified targets. (Bulk version of OperationService.canPerform(Person, Operation, Target).)

This check doesn't grant permission exemptions when called using #withExemption(Runnable).

Specified by:

canPerformWithoutExemptions in interface OperationService

Parameters:

person - the Person on which to perform a permission and validation check

operation - the operation to check permission for

targets - the Targets to individually check permission for; at least one target is required; must all be of the same TargetType

Returns:

a Map providing a ValidationResult for each of the supplied targets. Results for each target will be as follows:

• an authorized and valid result if Person can perform operation on this target in its current state
• an unauthorized result if permissions prevent Person performing the operation on this target
• a not-valid result for the following cases:
  • the operation is not valid for the specified target type
  • the operation is not currently valid for target due to its state
  • target doesn't exist
  • target is a custom content type or operation is a custom one, and no suitable OperationDelegate is installed

withExemption

public <T> T withExemption(Supplier<T> task)

Description copied from interface: OperationService

Execute the given task with permission exemption.

Calls to OperationService.canPerform(Person, Operation, Iterable) and OperationService.canPerform(Person, Operation, Target) within the executed task will return an authorized and valid result if the operation can be performed on each target based on the target's state, irrespective of the user's permissions. Calls to other permission checks in confluence may also be affected.

Use with care.

Specified by:

withExemption in interface OperationService

Parameters:

task - task to execute with permission exemption