Summary: Methods | [Expand All]
public interface

AuthorisationManager

com.atlassian.jira.security.auth.AuthorisationManager
Known Indirect Subclasses

Class Overview

Provides Authorisation of the user to a request. Called as part of the Seraph waltz!

Summary

Public Methods
boolean authoriseForLogin(ApplicationUser user, HttpServletRequest httpServletRequest)
Called to ask whether a user (non null always) is authorised to perform the given request as a login event
boolean authoriseForRole(ApplicationUser user, HttpServletRequest httpServletRequest, String role)
Called to ask whether a user (non null always) is authorised to perform the given request as a login event
Set<String> getRequiredRoles(HttpServletRequest httpServletRequest)
Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.

Public Methods

public boolean authoriseForLogin (ApplicationUser user, HttpServletRequest httpServletRequest)

Called to ask whether a user (non null always) is authorised to perform the given request as a login event

Parameters
user a non null user
httpServletRequest the request in play
Returns
  • true if they are authorised to perform the request

public boolean authoriseForRole (ApplicationUser user, HttpServletRequest httpServletRequest, String role)

Called to ask whether a user (non null always) is authorised to perform the given request as a login event

Parameters
user a possibly null user
httpServletRequest the request in play
role one or more of the roles that was given out during getRequiredRoles(javax.servlet.http.HttpServletRequest)
Returns
  • true if they are authorised to perform the request

public Set<String> getRequiredRoles (HttpServletRequest httpServletRequest)

Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.

Parameters
httpServletRequest the request in play
Returns
  • a set of roles