public class

ApplicationRequiredPermissionManager

extends Object
implements PermissionManager
java.lang.Object
   ↳ com.atlassian.jira.security.ApplicationRequiredPermissionManager

Class Overview

This is a PermissionManager to ensure that any user has an application (hasAnyRole(ApplicationUser)). The user's permissions are completely revoked when the user has no application access.

This is a delegate that redirects all requests to a PermissionManager. When the user has access to at least one application it redirects the call for the delegate to compute. When the user does not have access it simply returns as if the delegate returned denied (without calling the delegate).

Summary

Public Constructors
ApplicationRequiredPermissionManager(PermissionManager permissionManager)
Public Methods
Collection<Group> getAllGroups(int permissionId, Project project)
Retrieve all groups that are used in the permission globally and in the project.
Collection<ProjectPermission> getAllProjectPermissions()
Option<ProjectPermission> getProjectPermission(ProjectPermissionKey permissionKey)
Returns a project permission matching the specified key.
Collection<ProjectPermission> getProjectPermissions(ProjectPermissionCategory category)
Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
Retrieve a list of project objects this user has the permission for
@Deprecated Collection<Project> getProjects(int permissionId, ApplicationUser user)
Retrieve a list of project objects this user has the permission for
Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user, ProjectCategory projectCategory)
Returns the list of projects associated with the specified category, that this user has the permissions for.
@Deprecated Collection<Project> getProjects(int permissionId, ApplicationUser user, ProjectCategory projectCategory)
Returns the list of projects associated with the specified category, that this user has the permissions for.
boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user, ActionDescriptor actionDescriptor)
Checks to see if this user has the given permission to the specified issue after the given workflow transition takes effect.
@Deprecated boolean hasPermission(int permissionsId, Issue issue, ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
@Deprecated boolean hasPermission(int permissionsId, ApplicationUser user)
Checks to see if this user has the specified permission.
boolean hasPermission(ProjectPermissionKey permissionKey, Project project, ApplicationUser user, boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user, Status status)
Checks to see if this user has the given permission to the specified issue if the issue was in the given status.
boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
@Deprecated boolean hasPermission(int permissionsId, Project project, ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
boolean hasPermission(ProjectPermissionKey permissionKey, Project project, ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
@Deprecated boolean hasPermission(int permissionsId, Project project, ApplicationUser user, boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
@Nonnull ProjectWidePermission hasProjectWidePermission(ProjectPermissionKey permissionKey, Project project, ApplicationUser user)
Checks whether a user has a particular permission in the given project.
@Deprecated boolean hasProjects(int permissionId, ApplicationUser user)
Can this user see at least one project with this permission
boolean hasProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
Can this user see at least one project with this permission
void removeGroupPermissions(String group)
Remove all permissions that have used this group
void removeUserPermissions(ApplicationUser user)
Remove all permissions that have been assigned to this user
[Expand]
Inherited Methods
From class java.lang.Object
From interface com.atlassian.jira.security.PermissionManager

Public Constructors

public ApplicationRequiredPermissionManager (PermissionManager permissionManager)

Public Methods

public Collection<Group> getAllGroups (int permissionId, Project project)

Retrieve all groups that are used in the permission globally and in the project.

Parameters
permissionId permission id
project project from which to retrieve groups
Returns
  • a collection of Groups

public Collection<ProjectPermission> getAllProjectPermissions ()

public Option<ProjectPermission> getProjectPermission (ProjectPermissionKey permissionKey)

Returns a project permission matching the specified key.

Parameters
permissionKey A project permission key.
Returns
  • a project permission for the given permission key. none() if there is no permission with this key.

public Collection<ProjectPermission> getProjectPermissions (ProjectPermissionCategory category)

public Collection<Project> getProjects (ProjectPermissionKey permissionKey, ApplicationUser user)

Retrieve a list of project objects this user has the permission for

Parameters
permissionKey must NOT be a global permission
user user
Returns

@Deprecated public Collection<Project> getProjects (int permissionId, ApplicationUser user)

Retrieve a list of project objects this user has the permission for

Parameters
permissionId must NOT be a global permission
user user
Returns

public Collection<Project> getProjects (ProjectPermissionKey permissionKey, ApplicationUser user, ProjectCategory projectCategory)

Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters
permissionKey permission key
user user
projectCategory the ProjectCategory - null means find projects with no category.
Returns
  • the list of projects associated with the specified category, that this user has the permissions for.

@Deprecated public Collection<Project> getProjects (int permissionId, ApplicationUser user, ProjectCategory projectCategory)

Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters
permissionId permission id
user user
projectCategory the ProjectCategory
Returns
  • the list of projects associated with the specified category, that this user has the permissions for.

public boolean hasPermission (ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user, ActionDescriptor actionDescriptor)

Checks to see if this user has the given permission to the specified issue after the given workflow transition takes effect.

Parameters
permissionKey The project permission key.
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
actionDescriptor Represents the current workflow transition
Returns
  • True if there are sufficient rights to access the entity supplied

@Deprecated public boolean hasPermission (int permissionsId, Issue issue, ApplicationUser user)

Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters
permissionsId Not a global permission
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied

@Deprecated public boolean hasPermission (int permissionsId, ApplicationUser user)

Checks to see if this user has the specified permission. It will check only global permissions as there are no other permissions to check.

Parameters
permissionsId permission id
user user, can be null - anonymous user
Returns
  • true if user is granted given permission, false otherwise

public boolean hasPermission (ProjectPermissionKey permissionKey, Project project, ApplicationUser user, boolean issueCreation)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionKey A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
issueCreation Whether this permission is being checked during issue creation
Returns
  • true if the user has the specified permission in the context of the supplied project

public boolean hasPermission (ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user, Status status)

Checks to see if this user has the given permission to the specified issue if the issue was in the given status.

This method is useful during a workflow transition to check what the permissions will be in the new status, or (after the status is updated in the Issue object) to check what the permission would have been in the old status.

Parameters
permissionKey The project permission key.
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
status Represents the state we are checking permissions against
Returns
  • True if there are sufficient rights to access the entity supplied

public boolean hasPermission (ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user)

Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters
permissionKey Not a global permission key
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied

@Deprecated public boolean hasPermission (int permissionsId, Project project, ApplicationUser user)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
Returns
  • true if the user has the specified permission in the context of the supplied project

public boolean hasPermission (ProjectPermissionKey permissionKey, Project project, ApplicationUser user)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionKey A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
Returns
  • true if the user has the specified permission in the context of the supplied project

@Deprecated public boolean hasPermission (int permissionsId, Project project, ApplicationUser user, boolean issueCreation)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
issueCreation Whether this permission is being checked during issue creation
Returns
  • true if the user has the specified permission in the context of the supplied project

@Nonnull public ProjectWidePermission hasProjectWidePermission (ProjectPermissionKey permissionKey, Project project, ApplicationUser user)

Checks whether a user has a particular permission in the given project.

This method returns a tri-state enum in order to convey information about permissions that are granted on a per-issue basis.

  • ALL_ISSUES : this user has the given permission for all issues in this project
  • NO_ISSUES : this user definitely does not have the given permission for any issues in this project
  • ISSUE_SPECIFIC : the user may have this permission on some issues, but not others
Note that even if this method returns ISSUE_SPECIFIC, it may be that there are no issues for which the user has the permission granted.

Parameters
permissionKey A project permission
project The project that is the context of the permission check.
user The person to perform the permission check for (null means anonymous)
Returns
  • ALL_ISSUES, NO_ISSUES, or ISSUE_SPECIFIC

@Deprecated public boolean hasProjects (int permissionId, ApplicationUser user)

Can this user see at least one project with this permission

Parameters
permissionId must NOT be a global permission
user user being checked
Returns
  • true the given user can see at least one project with the given permission, false otherwise

public boolean hasProjects (ProjectPermissionKey permissionKey, ApplicationUser user)

Can this user see at least one project with this permission

Parameters
permissionKey must NOT be a global permission
user user being checked
Returns
  • true the given user can see at least one project with the given permission, false otherwise

public void removeGroupPermissions (String group)

Remove all permissions that have used this group

Parameters
group The name of the group that needs to be removed, must NOT be null and must be a real group

public void removeUserPermissions (ApplicationUser user)

Remove all permissions that have been assigned to this user

Parameters
user the user whose permissions are to be removed