Package com.atlassian.confluence.core
Class DefaultContentPermissionManager
- java.lang.Object
-
- com.atlassian.confluence.core.DefaultContentPermissionManager
-
- All Implemented Interfaces:
ContentPermissionManager,ContentPermissionManagerInternal,org.springframework.beans.factory.DisposableBean
public class DefaultContentPermissionManager extends Object implements ContentPermissionManagerInternal, org.springframework.beans.factory.DisposableBean
-
-
Field Summary
Fields Modifier and Type Field Description protected ContentPermissionDaocontentPermissionDaostatic booleanDISABLE_EFFICIENT_CONTENT_PERMISSIONS_CHANGE
-
Constructor Summary
Constructors Constructor Description DefaultContentPermissionManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description voidaddContentPermission(ContentPermission permission, ContentEntityObject content)Adds a new current content permission to the CEO if it doesn't have it already.voidcopyContentPermissions(ContentEntityObject from, ContentEntityObject to)Copies all content permissions from one content entity to another.voidcopyContentPermissions(AbstractPage from, AbstractPage to)Copies all content permissions from one page to another.voiddestroy()AttachmentManagergetAttachmentManager()List<ContentPermissionSet>getContentPermissionSets(ContentEntityObject ceo, String type)Get the ContentPermissionSets that affect this ceo, both inherited and directly.List<ContentPermissionSet>getInheritedContentPermissionSets(ContentEntityObject contentEntityObject)List<ContentPermissionSet>getInheritedContentPermissionSets(ContentEntityObject contentEntityObject, boolean includeEditPermissions)Get the inherited ContentPermissionSets that affect this ceo.List<ContentPermission>getInheritedContentUserPermissions(ContentEntityObject contentEntityObject)Filters the inherited content permission sets of a page for a list of inherited user permissions (of typeContentPermission.VIEW_PERMISSION)Map<Long,Boolean>getPermissionSets(com.atlassian.user.User user, Space space)Retrieves the configured permissions regarding whether the specified user can view the pages inside a space.List<Page>getPermittedChildren(Page page, com.atlassian.user.User user)Returns a list ofPageobjects that are direct children of the passed in page.List<Page>getPermittedChildrenIgnoreInheritedPermissions(Page page, com.atlassian.user.User user)Gets the list of child pages under the given page that are visible to the given user.List<Page>getPermittedPagesIgnoreInheritedPermissions(List<Page> contentList, ConfluenceUser user, String permission)Check permissions for a collection of objects without checking permissions of ancestors and spaces.Set<ContentPermission>getViewContentPermissions(Page page)Deprecated.since 5.8.Map<Long,ValidationResult>hasContentLevelPermission(ConfluenceUser user, String permissionType, Collection<Long> contentIds)Check permission for a collection of content at once.booleanhasContentLevelPermission(com.atlassian.user.User user, String permissionType, ContentEntityObject contentEntityObject)fetches the inherited and explicit content level permissions for this content object and determines whether the user has access.booleanhasPermittedChildrenIgnoreInheritedPermissions(Page page, com.atlassian.user.User user)Does the given page have children visible to the given user.booleanhasVisibleChildren(Page page, ConfluenceUser user)Returns true if at least one child is visible This method does not check all children, it stops working when the first visible children is foundbooleanisPermissionInherited(Page childPage)Does the child page get its permissions from any ancestor?voidonContentPermissionEvent(ContentPermissionEvent contentPermissionEvent)voidremoveAllGroupPermissions(String groupName)Remove all content permission associated with a given group.voidremoveAllUserPermissions(ConfluenceUser user)Remove all content permission associated with a given user.voidremoveContentPermission(ContentPermission contentPermission)voidsetAuditingContext(AuditingContext auditingContext)voidsetBackgroundJobService(BackgroundJobService backgroundJobService)voidsetChangeIndexer(ChangeIndexer changeIndexer)Deprecated.since 7.5voidsetContentPermissionDao(ContentPermissionDao contentPermissionDao)voidsetContentPermissions(@NonNull Map<String,Collection<ContentPermission>> requiredPermissionsMap, ContentEntityObject content)Set the Content Permissions on the CEO to be the list ofContentPermissions passed.voidsetContentPermissions(Collection<ContentPermission> requiredPermissions, ContentEntityObject content, String type)Set the Content Permissions on the CEO to be the list ofContentPermissions passed.voidsetContentPermissionSetDao(ContentPermissionSetDao contentPermissionSetDao)voidsetEventListenerRegistrar(com.atlassian.event.api.EventListenerRegistrar eventListenerRegistrar)voidsetEventPublisher(com.atlassian.event.api.EventPublisher eventPublisher)voidsetIndexer(ConfluenceIndexer indexer)Deprecated.since 7.5 indexing performed via eventsvoidsetInheritedContentPermissionManager(InheritedContentPermissionManager inheritedContentPermissionManager)voidsetPageDao(PageDao pageDao)voidsetScopesRequestCacheDelegate(ScopesRequestCacheDelegate scopesRequestCacheDelegate)
-
-
-
Field Detail
-
DISABLE_EFFICIENT_CONTENT_PERMISSIONS_CHANGE
public static final boolean DISABLE_EFFICIENT_CONTENT_PERMISSIONS_CHANGE
-
contentPermissionDao
protected ContentPermissionDao contentPermissionDao
-
-
Method Detail
-
onContentPermissionEvent
@EventListener public void onContentPermissionEvent(ContentPermissionEvent contentPermissionEvent)
-
getInheritedContentUserPermissions
public List<ContentPermission> getInheritedContentUserPermissions(ContentEntityObject contentEntityObject)
Filters the inherited content permission sets of a page for a list of inherited user permissions (of typeContentPermission.VIEW_PERMISSION)- Specified by:
getInheritedContentUserPermissionsin interfaceContentPermissionManager
-
getInheritedContentPermissionSets
public List<ContentPermissionSet> getInheritedContentPermissionSets(ContentEntityObject contentEntityObject)
- Specified by:
getInheritedContentPermissionSetsin interfaceContentPermissionManager- Returns:
- a list of
ContentPermissionSets of typeContentPermission.VIEW_PERMISSIONof all ancestors of contentEntityObject
-
getInheritedContentPermissionSets
public List<ContentPermissionSet> getInheritedContentPermissionSets(ContentEntityObject contentEntityObject, boolean includeEditPermissions)
Description copied from interface:ContentPermissionManagerGet the inherited ContentPermissionSets that affect this ceo. Note that EDIT Permissions are not currently inherited, however edit permissions are treated as view permissions when considering inheritance, unless the boolean 'includeEditPermissions' is set to false.- Specified by:
getInheritedContentPermissionSetsin interfaceContentPermissionManager- Parameters:
contentEntityObject- whose permissions will be returned. Not null.includeEditPermissions- which specifies whether or not edit permissions should be additionally treated as view permissions.- Returns:
- a list of
ContentPermissionSets. Not null, but can be empty.
-
getContentPermissionSets
public List<ContentPermissionSet> getContentPermissionSets(ContentEntityObject ceo, String type)
Description copied from interface:ContentPermissionManagerGet the ContentPermissionSets that affect this ceo, both inherited and directly. Note that EDIT Permissions are not currently inherited, so calling this method with EDIT will return only the direct ContentPermissionSet.- Specified by:
getContentPermissionSetsin interfaceContentPermissionManager- Parameters:
ceo- whose permissions will be returned. Not null.type- one ofContentPermission.VIEW_PERMISSIONorContentPermission.EDIT_PERMISSION- Returns:
- a list of
ContentPermissionSets. Not null, but can be empty.
-
hasContentLevelPermission
public boolean hasContentLevelPermission(com.atlassian.user.User user, String permissionType, ContentEntityObject contentEntityObject)Description copied from interface:ContentPermissionManagerfetches the inherited and explicit content level permissions for this content object and determines whether the user has access.- Specified by:
hasContentLevelPermissionin interfaceContentPermissionManagerpermissionType-ContentPermission.VIEW_PERMISSIONorContentPermission.EDIT_PERMISSION- Returns:
- true if the user has the specified type of permission on the given content
-
removeContentPermission
public void removeContentPermission(ContentPermission contentPermission)
- Specified by:
removeContentPermissionin interfaceContentPermissionManager
-
removeAllGroupPermissions
public void removeAllGroupPermissions(String groupName)
Description copied from interface:ContentPermissionManagerRemove all content permission associated with a given group.- Specified by:
removeAllGroupPermissionsin interfaceContentPermissionManager
-
removeAllUserPermissions
public void removeAllUserPermissions(ConfluenceUser user)
Description copied from interface:ContentPermissionManagerRemove all content permission associated with a given user.- Specified by:
removeAllUserPermissionsin interfaceContentPermissionManager
-
addContentPermission
public void addContentPermission(ContentPermission permission, ContentEntityObject content)
Adds a new current content permission to the CEO if it doesn't have it already.- Specified by:
addContentPermissionin interfaceContentPermissionManager- Throws:
IllegalArgumentException- ifcontentobject does not correspond to the latest version of the content. Permissions can only be added to the latest version of a ContentEntityObject.
-
setContentPermissions
public void setContentPermissions(@NonNull Map<String,Collection<ContentPermission>> requiredPermissionsMap, ContentEntityObject content)
Description copied from interface:ContentPermissionManagerSet the Content Permissions on the CEO to be the list ofContentPermissions passed. Passing an empty list removes all permissions. Passing a list containing just the existing permissions does nothing. It is recommended to use this method for setting different types of content permissions in a batch, because it performs more smart and performant caching updates thanContentPermissionManager.setContentPermissions(java.util.Collection, ContentEntityObject, String)does- Specified by:
setContentPermissionsin interfaceContentPermissionManager- Parameters:
requiredPermissionsMap- - map ofContentPermissions for each type
-
setContentPermissions
public void setContentPermissions(Collection<ContentPermission> requiredPermissions, ContentEntityObject content, String type)
Description copied from interface:ContentPermissionManagerSet the Content Permissions on the CEO to be the list ofContentPermissions passed. Passing an empty list removes all permissions. Passing a list containing just the existing permissions does nothing.- Specified by:
setContentPermissionsin interfaceContentPermissionManager- Parameters:
requiredPermissions- set ofContentPermissions
-
getPermittedChildren
public List<Page> getPermittedChildren(Page page, com.atlassian.user.User user)
Returns a list ofPageobjects that are direct children of the passed in page. This method will only return the children the passed in user has permission to view.- Specified by:
getPermittedChildrenin interfaceContentPermissionManager
-
getPermittedChildrenIgnoreInheritedPermissions
public List<Page> getPermittedChildrenIgnoreInheritedPermissions(Page page, com.atlassian.user.User user)
Description copied from interface:ContentPermissionManagerGets the list of child pages under the given page that are visible to the given user. This method assumes that the given page is already visible to the given user and does not check the inherited permissions.- Specified by:
getPermittedChildrenIgnoreInheritedPermissionsin interfaceContentPermissionManager
-
hasPermittedChildrenIgnoreInheritedPermissions
public boolean hasPermittedChildrenIgnoreInheritedPermissions(Page page, com.atlassian.user.User user)
Description copied from interface:ContentPermissionManagerDoes the given page have children visible to the given user. This method assumes that the given page is already visible to the given user and does not check the inherited permissions.- Specified by:
hasPermittedChildrenIgnoreInheritedPermissionsin interfaceContentPermissionManager
-
getViewContentPermissions
@Deprecated public Set<ContentPermission> getViewContentPermissions(Page page)
Deprecated.since 5.8. usegetContentPermissionSets(ContentEntityObject, String)passing permission typeContentPermission.VIEW_PERMISSIONGet view permissions on this page and its ancestors.- Specified by:
getViewContentPermissionsin interfaceContentPermissionManager- Returns:
- a list of ContentPermission instances
-
setAuditingContext
public void setAuditingContext(AuditingContext auditingContext)
-
setContentPermissionDao
public void setContentPermissionDao(ContentPermissionDao contentPermissionDao)
-
setPageDao
public void setPageDao(PageDao pageDao)
-
setContentPermissionSetDao
public void setContentPermissionSetDao(ContentPermissionSetDao contentPermissionSetDao)
-
setIndexer
@Deprecated public void setIndexer(ConfluenceIndexer indexer)
Deprecated.since 7.5 indexing performed via events
-
setEventPublisher
public void setEventPublisher(com.atlassian.event.api.EventPublisher eventPublisher)
-
setInheritedContentPermissionManager
public void setInheritedContentPermissionManager(InheritedContentPermissionManager inheritedContentPermissionManager)
-
setScopesRequestCacheDelegate
public void setScopesRequestCacheDelegate(ScopesRequestCacheDelegate scopesRequestCacheDelegate)
-
setChangeIndexer
@Deprecated public void setChangeIndexer(ChangeIndexer changeIndexer)
Deprecated.since 7.5
-
setEventListenerRegistrar
public void setEventListenerRegistrar(com.atlassian.event.api.EventListenerRegistrar eventListenerRegistrar)
-
destroy
public void destroy() throws Exception- Specified by:
destroyin interfaceorg.springframework.beans.factory.DisposableBean- Throws:
Exception
-
getAttachmentManager
public AttachmentManager getAttachmentManager()
-
isPermissionInherited
public boolean isPermissionInherited(Page childPage)
Description copied from interface:ContentPermissionManagerDoes the child page get its permissions from any ancestor?- Specified by:
isPermissionInheritedin interfaceContentPermissionManager- Returns:
- boolean True if the child page does not have a view permission set, and an ancestor does.
-
copyContentPermissions
public void copyContentPermissions(AbstractPage from, AbstractPage to)
Description copied from interface:ContentPermissionManagerCopies all content permissions from one page to another.- Specified by:
copyContentPermissionsin interfaceContentPermissionManager
-
copyContentPermissions
public void copyContentPermissions(ContentEntityObject from, ContentEntityObject to)
Description copied from interface:ContentPermissionManagerCopies all content permissions from one content entity to another.- Specified by:
copyContentPermissionsin interfaceContentPermissionManager
-
getPermissionSets
public Map<Long,Boolean> getPermissionSets(com.atlassian.user.User user, Space space)
Description copied from interface:ContentPermissionManagerRetrieves the configured permissions regarding whether the specified user can view the pages inside a space. If a page is not configured in the tables - CONTENT_PERM_SET and CONTENT_PERM, then the permission of that page will not be included here. Note: the permission returned here does not consider the inherited permission from parent page.- Specified by:
getPermissionSetsin interfaceContentPermissionManager- Parameters:
user- - confluence user to be checkedspace- - confluence space- Returns:
- a Map where the key is the page id and the value indicates the view permission.
-
hasContentLevelPermission
public Map<Long,ValidationResult> hasContentLevelPermission(ConfluenceUser user, String permissionType, Collection<Long> contentIds)
Description copied from interface:ContentPermissionManagerInternalCheck permission for a collection of content at once.- if contentIds belong to same page hierarchy then it will base on the permission set of that hierarchy to check permisssion for all hierarchy => Best performance
- if contentIds does not belong to same page hierarchy then it will load page list (at once) and call permission check for each page => better performance
- Specified by:
hasContentLevelPermissionin interfaceContentPermissionManagerInternalpermissionType- string needs to be one of the permission constants in ContentPermission- Returns:
- a map of validation result
-
getPermittedPagesIgnoreInheritedPermissions
public List<Page> getPermittedPagesIgnoreInheritedPermissions(List<Page> contentList, ConfluenceUser user, String permission)
Check permissions for a collection of objects without checking permissions of ancestors and spaces.- Specified by:
getPermittedPagesIgnoreInheritedPermissionsin interfaceContentPermissionManagerInternal- Returns:
- a list of permitted objects
-
hasVisibleChildren
public boolean hasVisibleChildren(Page page, ConfluenceUser user)
Returns true if at least one child is visible This method does not check all children, it stops working when the first visible children is found- Specified by:
hasVisibleChildrenin interfaceContentPermissionManagerInternal- Returns:
- false if 0 children visible, true of at least one child is visible
-
setBackgroundJobService
public void setBackgroundJobService(BackgroundJobService backgroundJobService)
-
-