Package com.atlassian.confluence.security

Interface SpacePermissionManager

    • Method Detail

      • hasPermission

        boolean hasPermission​(String permissionType,
                      @Nullable Space space,
                      @Nullable com.atlassian.user.User remoteUser)
        Determines if remoteUser has the given permission in space

        Unless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using PermissionManager instead.

        Parameters:
        permissionType - The permission type to look up
        space - The space the permission applies to (can be null for global permissions)
        remoteUser - The user to look up (can be null for the anonymous user)
        Returns:
        true if remoteUser has the permission, false otherwise

      • hasPermissionNoExemptions

        boolean hasPermissionNoExemptions​(String permissionType,
                                  @Nullable Space space,
                                  @Nullable com.atlassian.user.User remoteUser)
        Returns true if the user has the specified permission on the target space. This method does not allow exemptions for super-users like hasPermission(String, Space, User) does.

        For parameter and return value information, see hasPermission(String, Space, User).

      • hasAllPermissions

        boolean hasAllPermissions​(List<String> permissionTypes,
                          @Nullable Space space,
                          @Nullable com.atlassian.user.User user)
        Determines if remoteUser has all of the given permissions in space

        If remoteUser lacks any of the given permissions, false is returned.

        Unless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using PermissionManager instead.

        Parameters:
        permissionTypes - A List of permission types (see SpacePermission) to check
        space - The space the permissions apply to
        user - The user to look up
        Returns:
        true if remoteUser has the permission, false otherwise

      • getGlobalPermissions

        @Transactional(readOnly=true)
List<SpacePermission> getGlobalPermissions()

      • flushCaches

        void flushCaches()

      • groupHasPermission

        boolean groupHasPermission​(String permissionType,
                           @Nullable Space space,
                           String group)
        Checks whether the given group has the given permission

        If a null space is specified, this method looks up matching global permissions, otherwise space's permissions list is queried to see if the permission matches.

        Similarly, if permissionType is not a space permission, a matching global permission is looked up.

        Parameters:
        group - The group to look up the permission for
        space - The space the permission applies to (can be null for global permissions)
        permissionType - The permission type to look up
        Returns:
        true if the group has the required permission, false otherwise

      • createDefaultSpacePermissions

        void createDefaultSpacePermissions​(Space space)

      • createPrivateSpacePermissions

        void createPrivateSpacePermissions​(Space space)

      • hasPermissionForSpace

        boolean hasPermissionForSpace​(@Nullable com.atlassian.user.User user,
                              List permissionTypes,
                              @Nullable Space space)

      • getGroupsWithPermissions

        @Transactional(readOnly=true)
Collection<com.atlassian.user.Group> getGroupsWithPermissions​(@Nullable Space space)
        Returns all groups which have permissions in a space or on a global level. If space is null, permissions on the global level will be checked.
        Parameters:
        space - - space to query, if null global permissions returned
        Returns:
        Collection of groups with permissions

      • getGroupsForPermissionType

        @Transactional(readOnly=true)
Map<String,​Long> getGroupsForPermissionType​(String permissionType,
                                                  Space space)

      • getUsersWithPermissions

        @Transactional(readOnly=true)
Collection<com.atlassian.user.User> getUsersWithPermissions​(@Nullable Space space)
        Returns a collection of user objects with VIEWSPACE_PERMISSION in the space. If no space is provided A list of users with USE_CONFLUENCE_PERMISSION will be returned
        Parameters:
        space - - space to query, if null global permissions returned
        Returns:
        Collection of User objects

      • getUsersForPermissionType

        @Transactional(readOnly=true)
Map<String,​Long> getUsersForPermissionType​(String permissionType,
                                                 Space space)

      • permissionExists

        boolean permissionExists​(SpacePermission permission)
        Check whether the given SpacePermission exists. Checks by attribute equality rather than by id.
        Parameters:
        permission - the permission to look for.
        Returns:
        true if the permission is recognised by the manager as existing.

      • getDefaultGlobalPermissions

        @Transactional(readOnly=true)
Set<SpacePermission> getDefaultGlobalPermissions()
        Returns the default global permissions that are created when Confluence is set up. These will exist in a newly set up system but may be removed afterwards. Note that the returned objects are freshly created and therefore do not have IDs or other persistence data.

        By default, confluence-administrators group has admin access, the default confluence users group can view the system and anonymous access is disabled.

        Returns:
        a collection of SpacePermissions.

      • isPermittedInReadOnlyAccessMode

        boolean isPermittedInReadOnlyAccessMode​(String permissionType)
        Check if the permission type is permitted in read only access mode
        Parameters:
        permissionType - the permission type to be checked
        Returns:
        true if the permission type is permitted in read only access mode