public interface

EscalatedSecurityContext

com.atlassian.stash.user.EscalatedSecurityContext

Class Overview

Custom security context that specifies as what user and with which additional permissions an Operation should be called.

Summary

Public Methods
<T, E extends Throwable> T call(Operation<T, E> operation)
Executes an Operation as the specified user and added permissions.
@Nonnull EscalatedSecurityContext withPermission(Object resource, Permission permission)
Adds permissions on a particular resource to the set of elevated permissions.
@Nonnull EscalatedSecurityContext withPermission(Permission permission)
Adds permissions to the set of elevated permissions.
@Nonnull EscalatedSecurityContext withPermissions(Set<Permission> permissions)
Adds permissions to the set of elevated permissions.

Public Methods

public T call (Operation<T, E> operation)

Executes an Operation as the specified user and added permissions. The current security context is restored after the operation completes.

Note: Nesting invocations merges all elevated permissions rather than replacing the previous values.

Parameters
operation the operation to be executed
Returns
  • the return value of the provided operation
Throws
when the provided operation throws an exception
Throwable

@Nonnull public EscalatedSecurityContext withPermission (Object resource, Permission permission)

Adds permissions on a particular resource to the set of elevated permissions.

Parameters
resource the resource
permission the permission to be temporarily granted on the provided resource
Returns
  • the escalated security context

@Nonnull public EscalatedSecurityContext withPermission (Permission permission)

Adds permissions to the set of elevated permissions. If a resource permission (e.g. REPO_READ) is provided, the permission is granted to all resources.

Parameters
permission the permission to be temporarily granted
Returns
  • the escalated security context

@Nonnull public EscalatedSecurityContext withPermissions (Set<Permission> permissions)

Adds permissions to the set of elevated permissions. If a resource permission (e.g. REPO_READ) is provided, the permission is granted to all resources.

Parameters
permissions the permissions to be temporarily granted
Returns
  • the escalated security context