Package com.atlassian.confluence.impl.security.access

Class ActionAccessChecker

java.lang.Object

com.atlassian.confluence.impl.security.access.ActionAccessChecker

@ParametersAreNonnullByDefault
public class ActionAccessChecker
extends Object

Grants or denies the current user access to the action method currently being invoked, depending on which access check annotations are present. Annotations are checked in this order:

1. If the method being invoked has a concrete implementation in the current class AND it has access check annotations on it => allow or deny based on those access checks
2. Else if any access check annotations are present on the action class => allow or deny based on those access checks
3. Else if any access check annotations are present on the package => allow or deny based on those access checks
4. Else (no access check annotations found) => allow action through / no-op (relies on other access checks in the action)

This means that access check annotations on the action method override annotations on the class, and annotations on the class override annotations on the package. If for example, annotations are found on both the class and the package, then only the class level annotations will be checked

If multiple access check annotations are present on a particular method OR class OR package, then the user will be granted access if any of those access check annotations grant them access. For example, if a method has access check annotations "@A" and "@B", then the user will have access if either "@A" or "@B" grants access to that particular user.

Available annotations:

• PublicAccess
• RequiresAnyConfluenceAccess
• RequiresLicensedOrAnonymousConfluenceAccess
• RequiresLicensedConfluenceAccess

Since:

5.10

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
protected static class	ActionAccessChecker.AccessDecision

Constructor Summary

Constructors

Constructor	Description
ActionAccessChecker(ConfluenceAccessManager confluenceAccessManager, com.atlassian.event.api.EventPublisher eventPublisher, com.atlassian.cache.CacheFactory cacheFactory)

Method Summary

Modifier and Type	Method	Description
boolean	isAccessPermitted(Object action, @Nullable String methodName)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ActionAccessChecker

public ActionAccessChecker(ConfluenceAccessManager confluenceAccessManager,
                           com.atlassian.event.api.EventPublisher eventPublisher,
                           com.atlassian.cache.CacheFactory cacheFactory)

Method Detail

isAccessPermitted

public boolean isAccessPermitted(Object action,
                                 @Nullable String methodName)