Package com.atlassian.confluence.security

Interface GateKeeper

  • All Known Implementing Classes:
    DownloadGateKeeper
    public interface GateKeeper
    Manages the granting of temporary permissions to retrieve resources. It is assumed that all resources managed by a GateKeeper are restricted, with permission being granted for particular users to particular resources. Resources are identified by a path (usually relative to some directory or URI root), the meaning of the path is implementation-dependent.

    Implementations of this interface are responsible for expiring permissions after some reasonable time period

    The interface was written to manage access to Confluence's temp directory, from which exports and backups can only be downloaded by the user who created them.

    • Method Detail

      • addKey

        @Deprecated
void addKey​(String path,
            com.atlassian.user.User user)
        Deprecated.
        since 8.4 Use addKey with Predicate to recheck permissions. Permit a user to download a particular resource. This permission is temporary, and may expire after whatever time period the GateKeeper thinks is reasonable.
        Parameters:
        path - the path to the resource being made accessible
        user - the user to grant permission for. null may be used to represent anonymous users.

      • addKey

        void addKey​(String path,
            com.atlassian.user.User user,
            Predicate<? super com.atlassian.user.User> permissionPredicate)

      • addKey

        @Deprecated
void addKey​(String path,
            String userName)
        Deprecated.
        since 8.4 Use addKey with Predicate to recheck permissions. Permit a user to download a particular resource. This permission is temporary, and may expire after whatever time period the GateKeeper thinks is reasonable.
        Parameters:
        path - the path to the resource being made accessible
        userName - the name of the user being given permission

      • addKey

        void addKey​(String path,
            String userName,
            Predicate<? super com.atlassian.user.User> permissionPredicate)

      • isAccessPermitted

        boolean isAccessPermitted​(String path,
                          com.atlassian.user.User user)
        Determine whether a user is permitted to access a resource.
        Parameters:
        path - the path to the resource being requested
        user - the user requesting permission to retrieve that resource
        Returns:
        true if the user is permitted to retrieve that resource, false otherwise

      • isAccessPermitted

        boolean isAccessPermitted​(String path,
                          String userName)
        Determine whether a user is permitted to access a resource.
        Parameters:
        path - the path to the resource being requested
        userName - the name of the user requesting permission to retrieve that resource
        Returns:
        true if the user is permitted to retrieve that resource, false otherwise

      • cleanAllKeys

        void cleanAllKeys()
        Revoke all granted permissions.

      • allowAnonymousAccess

        @Deprecated
void allowAnonymousAccess​(String path)
        Deprecated.
        since 8.4 Use addKey with Predicate to recheck permissions. Allow access to a resource for any user, including the anonymous user. This permission is temporary, and may expire after whatever time period the GateKeeper thinks is reasonable.
        Parameters:
        path - the path to the resource being made accessible

      • allowAnonymousAccess

        void allowAnonymousAccess​(String path,
                          Predicate<com.atlassian.user.User> permissionPredicate)