Summary: Methods | [Expand All]
@PublicApi public interface

PermissionManager

implements JiraManager
com.atlassian.jira.security.PermissionManager
Known Indirect Subclasses

@PublicApi

This interface is designed for plugins to consume (call its methods).

Clients of @PublicApi can expect that programs compiled against a given version will remain binary compatible with later versions of the @PublicApi as per each product's API policy as long as the client does not implement/extend @PublicApi interfaces or classes (refer to each product's API policy for the exact guarantee---usually binary compatibility is guaranteed at least across minor versions).

Note: since @PublicApi interfaces and classes are not designed to be implemented or extended by clients, we may perform certain types of binary-incompatible changes to these classes and interfaces, but these will not affect well-behaved clients that do not extend/implement these types (in general, only classes and interfaces annotated with @PublicSpi are safe to extend/implement).

Class Overview

PermissionManager responsible for all project specific permissions.

See JIRA Permissions.

For all global Permissions it is recommended to use GlobalPermissionManager.

Summary

Public Methods
@Deprecated void addPermission(int permissionsId, GenericValue scheme, String parameter, String securityType)
This method is deprecated. Use createSchemeEntity(GenericValue, com.atlassian.jira.scheme.SchemeEntity) to add project permissions to a permission scheme. Use addPermission(com.atlassian.jira.permission.GlobalPermissionType, String) to add global permissions. Since v6.3.
Collection<Group> getAllGroups(int permissionId, Project project)
Retrieve all groups that are used in the permission globally and in the project.
Collection<ProjectPermission> getAllProjectPermissions()
@Deprecated Collection<Project> getProjectObjects(int permissionId, User user)
This method is deprecated.
Since v6.0: Use getProjects(int, ApplicationUser) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser) instead.
Option<ProjectPermission> getProjectPermission(ProjectPermissionKey permissionKey)
Returns a project permission matching the specified key.
Collection<ProjectPermission> getProjectPermissions(ProjectPermissionCategory category)
@Deprecated Collection<Project> getProjects(int permissionId, User user, ProjectCategory projectCategory)
This method is deprecated.
Since v6.0: Use getProjects(int, ApplicationUser, ProjectCategory) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead.
@Deprecated Collection<GenericValue> getProjects(int permissionId, User user, GenericValue category)
This method is deprecated.
Since v5.0: Use getProjects(int, User, ProjectCategory) instead.
Since v6.0: Use getProjects(int, ApplicationUser, ProjectCategory) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead.
@Deprecated Collection<Project> getProjects(int permissionId, ApplicationUser user, ProjectCategory projectCategory)
This method is deprecated. Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead. Since v6.3.
@Deprecated Collection<Project> getProjects(int permissionId, ApplicationUser user)
This method is deprecated. Use getProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.
Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user, ProjectCategory projectCategory)
Returns the list of projects associated with the specified category, that this user has the permissions for.
@Deprecated Collection<GenericValue> getProjects(int permissionId, User user)
This method is deprecated. Please use getProjectObjects(int, com.atlassian.crowd.embedded.api.User). Since v4.3
Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
Retrieve a list of project objects this user has the permission for
@Deprecated boolean hasPermission(int permissionsId, ApplicationUser user)
This method is deprecated. Use hasPermission(com.atlassian.jira.permission.GlobalPermissionType, ApplicationUser) instead. Since v6.3.Use hasPermission(com.atlassian.jira.permission.GlobalPermissionKey, com.atlassian.jira.user.ApplicationUser) instead. Since v6.2.5.
@Deprecated boolean hasPermission(int permissionsId, Project project, User user)
This method is deprecated.
Since v6.0: Use hasPermission(int, Project, ApplicationUser) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Project, ApplicationUser) instead.
boolean hasPermission(ProjectPermissionKey permissionKey, Project project, ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
boolean hasPermission(ProjectPermissionKey permissionKey, Project project, ApplicationUser user, boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
@Deprecated boolean hasPermission(int permissionsId, GenericValue project, User user, boolean issueCreation)
This method is deprecated.
Since v3.11: Use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User, boolean) for Projects.
Since v6.0: Use hasPermission(int, Issue, ApplicationUser) for Issues or hasPermission(int, Project, ApplicationUser, boolean) for Projects.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) for Issues or hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) for Projects.
@Deprecated boolean hasPermission(int permissionsId, Project project, User user, boolean issueCreation)
This method is deprecated.
Since v6.0: Use hasPermission(int, Project, ApplicationUser, boolean) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) instead.
@Deprecated boolean hasPermission(int permissionsId, Project project, ApplicationUser user, boolean issueCreation)
This method is deprecated. Use hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) instead. Since v6.3.
@Deprecated boolean hasPermission(int permissionsId, User user)
This method is deprecated. Use hasPermission(int, ApplicationUser) instead. Since v6.0.
@Deprecated boolean hasPermission(int permissionsId, Issue issue, User user)
This method is deprecated.
Since v6.0: Use hasPermission(int, Issue, ApplicationUser) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) instead.
boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
@Deprecated boolean hasPermission(int permissionsId, GenericValue entity, User u)
This method is deprecated.
Since v3.11: Use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User) for Projects.
Since v6.0: Use hasPermission(int, Issue, ApplicationUser) for Issues or hasPermission(int, Project, ApplicationUser) for Projects.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) for Issues or hasPermission(ProjectPermissionKey, Project, ApplicationUser) for Projects.
@Deprecated boolean hasPermission(int permissionsId, Project project, ApplicationUser user)
This method is deprecated. Use hasPermission(ProjectPermissionKey, Project, ApplicationUser) instead. Since v6.3.
@Deprecated boolean hasPermission(int permissionsId, Issue issue, ApplicationUser user)
This method is deprecated. Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) instead. Since v6.3.
boolean hasProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
Can this user see at least one project with this permission
@Deprecated boolean hasProjects(int permissionId, User user)
This method is deprecated. Use hasProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.
@Deprecated boolean hasProjects(int permissionId, ApplicationUser user)
This method is deprecated. Use hasProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.
void removeGroupPermissions(String group)
Remove all permissions that have used this group
@Deprecated void removeUserPermissions(String username)
This method is deprecated. Use removeUserPermissions(ApplicationUser) instead. Since v6.0.
void removeUserPermissions(ApplicationUser user)
Remove all permissions that have been assigned to this user

Public Methods

@Deprecated public void addPermission (int permissionsId, GenericValue scheme, String parameter, String securityType)

This method is deprecated.
Use createSchemeEntity(GenericValue, com.atlassian.jira.scheme.SchemeEntity) to add project permissions to a permission scheme. Use addPermission(com.atlassian.jira.permission.GlobalPermissionType, String) to add global permissions. Since v6.3.

Grants a permission to the system.

Parameters
permissionsId Permissions value. E.g. See ADMINISTER
scheme If null permission is global otherwise it is added to the scheme
parameter Used for e.g. group name
securityType e.g. GroupDropdown.DESC
Throws
CreateException if permission creation fails

public Collection<Group> getAllGroups (int permissionId, Project project)

Retrieve all groups that are used in the permission globally and in the project.

Parameters
permissionId permission id
project project from which to retrieve groups
Returns
  • a collection of Groups

public Collection<ProjectPermission> getAllProjectPermissions ()

Returns
  • all project permissions.

@Deprecated public Collection<Project> getProjectObjects (int permissionId, User user)

This method is deprecated.

Since v6.0: Use getProjects(int, ApplicationUser) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser) instead.

Retrieve a list of project objects this user has the permission for

Parameters
permissionId must NOT be a global permission
user user
Returns

public Option<ProjectPermission> getProjectPermission (ProjectPermissionKey permissionKey)

Returns a project permission matching the specified key.

Parameters
permissionKey A project permission key.
Returns
  • a project permission for the given permission key. none() if there is no permission with this key.

public Collection<ProjectPermission> getProjectPermissions (ProjectPermissionCategory category)

Parameters
category project permission category.
Returns
  • all project permissions of the specified category.

@Deprecated public Collection<Project> getProjects (int permissionId, User user, ProjectCategory projectCategory)

This method is deprecated.

Since v6.0: Use getProjects(int, ApplicationUser, ProjectCategory) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead.

Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters
permissionId permission id
user user
projectCategory the ProjectCategory
Returns
  • the list of projects associated with the specified category, that this user has the permissions for.

@Deprecated public Collection<GenericValue> getProjects (int permissionId, User user, GenericValue category)

This method is deprecated.

Since v5.0: Use getProjects(int, User, ProjectCategory) instead.
Since v6.0: Use getProjects(int, ApplicationUser, ProjectCategory) instead.
Since v6.3: Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead.

Retrieve a list of projects associated with the specified category, that this user has the permissions for

Parameters
permissionId permission id
user user
category GenericValue representing category
Returns
  • a collection of GenericValue objects

@Deprecated public Collection<Project> getProjects (int permissionId, ApplicationUser user, ProjectCategory projectCategory)

This method is deprecated.
Use getProjects(ProjectPermissionKey, ApplicationUser, ProjectCategory) instead. Since v6.3.

Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters
permissionId permission id
user user
projectCategory the ProjectCategory
Returns
  • the list of projects associated with the specified category, that this user has the permissions for.

@Deprecated public Collection<Project> getProjects (int permissionId, ApplicationUser user)

This method is deprecated.
Use getProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.

Retrieve a list of project objects this user has the permission for

Parameters
permissionId must NOT be a global permission
user user
Returns

public Collection<Project> getProjects (ProjectPermissionKey permissionKey, ApplicationUser user, ProjectCategory projectCategory)

Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters
permissionKey permission key
user user
projectCategory the ProjectCategory
Returns
  • the list of projects associated with the specified category, that this user has the permissions for.

@Deprecated public Collection<GenericValue> getProjects (int permissionId, User user)

This method is deprecated.
Please use getProjectObjects(int, com.atlassian.crowd.embedded.api.User). Since v4.3

Retrieve a list of projects this user has the permission for

Parameters
permissionId must NOT be a global permission
user user
Returns
  • a collection of GenericValue objects

public Collection<Project> getProjects (ProjectPermissionKey permissionKey, ApplicationUser user)

Retrieve a list of project objects this user has the permission for

Parameters
permissionKey must NOT be a global permission
user user
Returns

@Deprecated public boolean hasPermission (int permissionsId, ApplicationUser user)

This method is deprecated.
Use hasPermission(com.atlassian.jira.permission.GlobalPermissionType, ApplicationUser) instead. Since v6.3.Use hasPermission(com.atlassian.jira.permission.GlobalPermissionKey, com.atlassian.jira.user.ApplicationUser) instead. Since v6.2.5.

Checks to see if this user has the specified permission. It will check only global permissions as there are no other permissions to check.

Parameters
permissionsId permission id
user user, can be null - anonymous user
Returns
  • true if user is granted given permission, false otherwise
See Also

@Deprecated public boolean hasPermission (int permissionsId, Project project, User user)

This method is deprecated.

Since v6.0: Use hasPermission(int, Project, ApplicationUser) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Project, ApplicationUser) instead.

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
Returns
  • true if the user has the specified permission in the context of the supplied project

public boolean hasPermission (ProjectPermissionKey permissionKey, Project project, ApplicationUser user)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionKey A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
Returns
  • true if the user has the specified permission in the context of the supplied project

public boolean hasPermission (ProjectPermissionKey permissionKey, Project project, ApplicationUser user, boolean issueCreation)

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionKey A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
issueCreation Whether this permission is being checked during issue creation
Returns
  • true if the user has the specified permission in the context of the supplied project

@Deprecated public boolean hasPermission (int permissionsId, GenericValue project, User user, boolean issueCreation)

This method is deprecated.

Since v3.11: Use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User, boolean) for Projects.
Since v6.0: Use hasPermission(int, Issue, ApplicationUser) for Issues or hasPermission(int, Project, ApplicationUser, boolean) for Projects.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) for Issues or hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) for Projects.

Does the same as hasPermission(int, org.ofbiz.core.entity.GenericValue, User) except the entity is a project GenericValue.

Parameters
permissionsId Not a global permission
project Not null.
user User object, possibly null if JIRA is accessed anonymously
issueCreation Whether this permission is being checked during issue creation
Returns
  • True if there are sufficient rights to access the entity supplied

@Deprecated public boolean hasPermission (int permissionsId, Project project, User user, boolean issueCreation)

This method is deprecated.

Since v6.0: Use hasPermission(int, Project, ApplicationUser, boolean) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) instead.

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
issueCreation Whether this permission is being checked during issue creation
Returns
  • true if the user has the specified permission in the context of the supplied project

@Deprecated public boolean hasPermission (int permissionsId, Project project, ApplicationUser user, boolean issueCreation)

This method is deprecated.
Use hasPermission(ProjectPermissionKey, Project, ApplicationUser, boolean) instead. Since v6.3.

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
issueCreation Whether this permission is being checked during issue creation
Returns
  • true if the user has the specified permission in the context of the supplied project

@Deprecated public boolean hasPermission (int permissionsId, User user)

This method is deprecated.
Use hasPermission(int, ApplicationUser) instead. Since v6.0.

Checks to see if this user has the specified permission. It will check only global permissions as there are no other permissions to check.

Parameters
permissionsId permission id
user user, can be null - anonymous user
Returns
  • true if user is granted given permission, false otherwise
See Also

@Deprecated public boolean hasPermission (int permissionsId, Issue issue, User user)

This method is deprecated.

Since v6.0: Use hasPermission(int, Issue, ApplicationUser) instead.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) instead.

Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters
permissionsId Not a global permission
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied

public boolean hasPermission (ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user)

Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters
permissionKey Not a global permission key
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied

@Deprecated public boolean hasPermission (int permissionsId, GenericValue entity, User u)

This method is deprecated.

Since v3.11: Use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User) for Projects.
Since v6.0: Use hasPermission(int, Issue, ApplicationUser) for Issues or hasPermission(int, Project, ApplicationUser) for Projects.
Since v6.3: Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) for Issues or hasPermission(ProjectPermissionKey, Project, ApplicationUser) for Projects.

Checks to see if this has permission to see the specified entity. Check Permissions scheme(s) if the entity is project. Check Permissions scheme(s) and issue level security scheme(s) if the entity is an issue.

Parameters
permissionsId Not a global permission
entity Not null. Must be either an issue or project.
u User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied
Throws
IllegalArgumentException If the entity supplied is NOT an issue or project.

@Deprecated public boolean hasPermission (int permissionsId, Project project, ApplicationUser user)

This method is deprecated.
Use hasPermission(ProjectPermissionKey, Project, ApplicationUser) instead. Since v6.3.

Checks whether the specified user has a specified permission within the context of a specified project.

Parameters
permissionsId A non-global permission, i.e. a permission that is granted via a project context
project The project that is the context of the permission check.
user The person to perform the permission check for
Returns
  • true if the user has the specified permission in the context of the supplied project

@Deprecated public boolean hasPermission (int permissionsId, Issue issue, ApplicationUser user)

This method is deprecated.
Use hasPermission(ProjectPermissionKey, Issue, ApplicationUser) instead. Since v6.3.

Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters
permissionsId Not a global permission
issue The Issue (cannot be null)
user User object, possibly null if JIRA is accessed anonymously
Returns
  • True if there are sufficient rights to access the entity supplied

public boolean hasProjects (ProjectPermissionKey permissionKey, ApplicationUser user)

Can this user see at least one project with this permission

Parameters
permissionKey must NOT be a global permission
user user being checked
Returns
  • true the given user can see at least one project with the given permission, false otherwise

@Deprecated public boolean hasProjects (int permissionId, User user)

This method is deprecated.
Use hasProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.

Can this user see at least one project with this permission

Parameters
permissionId must NOT be a global permission
user user being checked
Returns
  • true the given user can see at least one project with the given permission, false otherwise

@Deprecated public boolean hasProjects (int permissionId, ApplicationUser user)

This method is deprecated.
Use hasProjects(ProjectPermissionKey, ApplicationUser) instead. Since v6.3.

Can this user see at least one project with this permission

Parameters
permissionId must NOT be a global permission
user user being checked
Returns
  • true the given user can see at least one project with the given permission, false otherwise

public void removeGroupPermissions (String group)

Remove all permissions that have used this group

Parameters
group The name of the group that needs to be removed, must NOT be null and must be a real group
Throws
RemoveException if permission removal fails

@Deprecated public void removeUserPermissions (String username)

This method is deprecated.
Use removeUserPermissions(ApplicationUser) instead. Since v6.0.

Remove all permissions that have used this username

Parameters
username username of the user whose permissions are to be removed
Throws
RemoveException if permission removal fails

public void removeUserPermissions (ApplicationUser user)

Remove all permissions that have been assigned to this user

Parameters
user the user whose permissions are to be removed
Throws
RemoveException
RemoveException