Package com.atlassian.confluence.security

Class DefaultPermissionManager

    • Constructor Detail

      • DefaultPermissionManager

        public DefaultPermissionManager()

    • Method Detail

      • hasPermission

        public boolean hasPermission​(com.atlassian.user.User user,
                             Permission permission,
                             Object target)
        Description copied from interface: PermissionManager
        Determine whether a user has a particular permission against a given target.
        Specified by:
        hasPermission in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check
        target - the object that the permission is being checked against. If this object is null, the method will return false
        Returns:
        true if the user has this permission, false otherwise

      • hasPermission

        public boolean hasPermission​(com.atlassian.user.User user,
                             Permission permission,
                             Class targetType)
        Description copied from interface: PermissionManager
        Determine whether a user has a particular permission for all instances of the specified target type.
        Specified by:
        hasPermission in interface PermissionManager
        Parameters:
        user - the user
        permission - the permission to check (see Permission
        targetType - the type of the target
        Returns:
        true if the user has this permission, false otherwise.

      • hasCreatePermission

        public boolean hasCreatePermission​(com.atlassian.user.User user,
                                   Object container,
                                   Class<?> typeToCreate)
        Description copied from interface: PermissionManager
        Determine whether a user has permission to create an entity of a particular type within a given container.

        The container is the natural container of the object being created. For example, a comment is contained in a page, which is contained within a space. A space is contained within TARGET_APPLICATION.

        This overload should not be used when creating CustomContentEntityObject instances. In that case, permission checks should use PermissionManager.hasCreatePermission(com.atlassian.user.User, Object, Object).

        Specified by:
        hasCreatePermission in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        container - the target that the object is being created within. If this object is null, the method will return false
        typeToCreate - the type of object being created (see above)
        Returns:
        true if the user has permission, false otherwise
        See Also:
        ContentEntityObject.getType()

      • hasCreatePermission

        public boolean hasCreatePermission​(com.atlassian.user.User user,
                                   Object container,
                                   Object objectToCreate)
        Description copied from interface: PermissionManager
        Determine whether a user has permission to create a particular entity within a given container.

        The container is the natural container of the object being created. For example, a comment is contained in a page, which is contained within a space. A space is contained within TARGET_APPLICATION.

        This overload is best when creating CustomContentEntityObject instances. Other permission checks should use PermissionManager.hasCreatePermission(com.atlassian.user.User, Object, Class).

        Specified by:
        hasCreatePermission in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        container - the target that the object is being created within. If this object is null, the method will return false
        objectToCreate - the object being created (see above)
        Returns:
        true if the user has permission, false otherwise

      • getPermittedEntities

        public <X> List<X> getPermittedEntities​(com.atlassian.user.User user,
                                        Permission permission,
                                        List<? extends X> objects)
        Description copied from interface: PermissionManager
        Filter a list based on which entities in the list have a particular permission.
        Specified by:
        getPermittedEntities in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        objects - the objects to check
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • getPermittedEntities

        public <X> List<X> getPermittedEntities​(com.atlassian.user.User user,
                                        Permission permission,
                                        Iterator<? extends X> objects,
                                        int maxResults)
        Description copied from interface: PermissionManager
        Filter an iterator based on which entities in the list have a particular permission.
        Specified by:
        getPermittedEntities in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        objects - the objects to check
        maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • getPermittedEntities

        public <X> List<X> getPermittedEntities​(com.atlassian.user.User user,
                                        Permission permission,
                                        Iterator<X> entities,
                                        int maxResults,
                                        Collection<? extends PermissionManager.Criterion> otherCriteria)
        Description copied from interface: PermissionManager
        Filter an iterator based on which entities in the list have a particular permission. You may also supply additional criteria through which to filter the iterator.
        Specified by:
        getPermittedEntities in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        entities - the objects to check
        maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
        otherCriteria - a collection of PermissionManager.Criterion objects through which the permitted entities must also be filtered
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • getPermittedEntitiesNoExemptions

        public <X> List<X> getPermittedEntitiesNoExemptions​(com.atlassian.user.User user,
                                                    Permission permission,
                                                    List<? extends X> objects)
        Description copied from interface: PermissionManager
        Filter a list based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, List) does.
        Specified by:
        getPermittedEntitiesNoExemptions in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        objects - the objects to check
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • getPermittedEntitiesNoExemptions

        public <X> List<X> getPermittedEntitiesNoExemptions​(com.atlassian.user.User user,
                                                    Permission permission,
                                                    Iterator<? extends X> objects,
                                                    int maxResults)
        Description copied from interface: PermissionManager
        Filter an iterator based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, Iterator, int) does.
        Specified by:
        getPermittedEntitiesNoExemptions in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        objects - the objects to check
        maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • getPermittedEntitiesNoExemptions

        public <X> List<X> getPermittedEntitiesNoExemptions​(com.atlassian.user.User user,
                                                    Permission permission,
                                                    Iterator<X> entities,
                                                    int maxResults,
                                                    Collection<? extends PermissionManager.Criterion> otherCriteria)
        Description copied from interface: PermissionManager
        Filter an iterator based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, Iterator, int, Collection) does. You may also supply additional criteria through which to filter the iterator.
        Specified by:
        getPermittedEntitiesNoExemptions in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        permission - the permission to check against the objects
        entities - the objects to check
        maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
        otherCriteria - a collection of PermissionManager.Criterion objects through which the permitted entities must also be filtered
        Returns:
        a new list of those members of the objects list that satisfy the given permission for the user

      • isConfluenceAdministrator

        public boolean isConfluenceAdministrator​(com.atlassian.user.User user)
        Description copied from interface: PermissionManager
        Determine if the user is a Confluence administrator. Calling this method is identical to calling hasPermission(user, Permission.ADMINISTER, PermissionManager.TARGET_APPLICATION).
        Specified by:
        isConfluenceAdministrator in interface PermissionManager
        Parameters:
        user - the user to check permissions against
        Returns:
        true if the user is a Confluence administrator, false otherwise

      • isSystemAdministrator

        public boolean isSystemAdministrator​(com.atlassian.user.User user)
        Description copied from interface: PermissionManager
        Determine if the user is a system administrator. Calling this method is identical to calling hasPermission(user, Permission.ADMINISTER, PermissionManager.TARGET_SYSTEM).
        Specified by:
        isSystemAdministrator in interface PermissionManager
        Parameters:
        user - the user to check permissions against
        Returns:
        true if the user is a system administrator, false otherwise

      • setPermissionCheckExemptions

        public void setPermissionCheckExemptions​(PermissionCheckExemptions permissionCheckExemptions)

      • setContentTypeModuleResolver

        public void setContentTypeModuleResolver​(ContentTypeModuleResolver contentTypeModuleResolver)
        Since:
        7.16

      • setConfluenceAccessManager

        public void setConfluenceAccessManager​(ConfluenceAccessManager confluenceAccessManager)

      • setAccessModeManager

        public void setAccessModeManager​(AccessModeManager accessModeManager)

      • hasMovePermission

        public boolean hasMovePermission​(com.atlassian.user.User user,
                                 Object source,
                                 Object target,
                                 String movePoint)
        Description copied from interface: PermissionManager
        Determine whether a user has permission to move a particular entity to a given target.

        The target is the natural container of the object being moved to. For example, a pages is contained in a page, which is contained within a space. A space is contained within TARGET_APPLICATION.

        Specified by:
        hasMovePermission in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        source - the object and all it descendants is being moved. If this object is null, the method will return false
        target - where is the source being moved to (see above)
        movePoint - indicate where source node and target node relative (i.a before, after, append)
        Returns:
        true if the user has permission, false otherwise

      • hasRemoveHierarchyPermission

        public boolean hasRemoveHierarchyPermission​(com.atlassian.user.User user,
                                            Object target)
        Description copied from interface: PermissionManager
        Determine whether a user has permission to remove a particular entity and all it children.

        The target is the natural container of the object being removed. For example, a page and all its descendants in a page, which is contained within a space.

        Specified by:
        hasRemoveHierarchyPermission in interface PermissionManager
        Parameters:
        user - the user seeking permission, or null if the anonymous user is being checked against
        target - where is the object and all its descendant are being removed
        Returns:
        true if the user has permission, false otherwise