public class

ReferenceAuthorisation

extends Object
implements Authorisation
java.lang.Object
   ↳ com.atlassian.jira.dev.reference.plugin.security.auth.ReferenceAuthorisation

Summary

Public Constructors
ReferenceAuthorisation()
Public Methods
Authorisation.Decision authoriseForLogin(ApplicationUser user, HttpServletRequest httpServletRequest)
Called to ask whether a user is authorised to perform the given request when trying to login and estblish a new session with JIRA.
Authorisation.Decision authoriseForRole(ApplicationUser user, HttpServletRequest httpServletRequest, String role)
This is called by the security layers to ask whether a user is authorised to perform the given request with the provided role string.
Set<String> getRequiredRoles(HttpServletRequest httpServletRequest)
This is called by the security layers to get a set of role strings that are required for this request.
[Expand]
Inherited Methods
From class java.lang.Object
From interface com.atlassian.jira.security.auth.Authorisation

Public Constructors

public ReferenceAuthorisation ()

Public Methods

public Authorisation.Decision authoriseForLogin (ApplicationUser user, HttpServletRequest httpServletRequest)

Called to ask whether a user is authorised to perform the given request when trying to login and estblish a new session with JIRA.

At this stage the user has been authenticated by not authorised to login.

Parameters
user a non null user that has been authenticated
httpServletRequest the request in play
Returns
  • a decision on authorisation

public Authorisation.Decision authoriseForRole (ApplicationUser user, HttpServletRequest httpServletRequest, String role)

This is called by the security layers to ask whether a user is authorised to perform the given request with the provided role string.

You may be called with role strings that you did not give out. In this case you should ABSTAIN from a decision.

Parameters
user a user that may be null
httpServletRequest the request in play
Returns
  • a decision on authorisation

public Set<String> getRequiredRoles (HttpServletRequest httpServletRequest)

This is called by the security layers to get a set of role strings that are required for this request. Once a user has been set into the authentication context then #authoriseForRole(com.atlassian.crowd.embedded.api.User, javax.servlet.http.HttpServletRequest, String) will be called to decide if they are in fact authorised to execute this request.

NOTE : If you give off a role MUST answer when you are called back via #authoriseForRole(com.atlassian.crowd.embedded.api.User, javax.servlet.http.HttpServletRequest, String).

Parameters
httpServletRequest the request in play
Returns
  • a decision on authorisation