Package com.atlassian.bamboo.security
Class DefaultAnnotatedPermitChecker
java.lang.Object
com.atlassian.bamboo.security.DefaultAnnotatedPermitChecker
- All Implemented Interfaces:
AnnotatedPermitChecker
-
Field Summary
Fields inherited from interface com.atlassian.bamboo.security.AnnotatedPermitChecker
ANNOTATED_PERMITTED_CHECKER_ATTR
-
Constructor Summary
ConstructorDescriptionDefaultAnnotatedPermitChecker
(Supplier<org.acegisecurity.Authentication> currentUserSupplier, boolean allowAnonymousAccessForNotAnnotatedMembers) DefaultAnnotatedPermitChecker
(org.acegisecurity.Authentication currentUser, boolean allowAnonymousAccessForNotAnnotatedMembers) -
Method Summary
Modifier and TypeMethodDescriptionboolean
Checks behaviour of unannotated methods.boolean
verifyIsPermitted
(Class<?> checkingClass) Verifies is current user has access to methods in a given class.boolean
verifyIsPermitted
(Class<?> checkingClass, Method method) Verifies is current user has access to the given method.boolean
verifyIsPermitted
(Class<?> checkingClass, String checkingMethodName, Class<?>... checkingMethodParameterTypes) Verifies if current user has access to the given method..
-
Constructor Details
-
DefaultAnnotatedPermitChecker
public DefaultAnnotatedPermitChecker(org.acegisecurity.Authentication currentUser, boolean allowAnonymousAccessForNotAnnotatedMembers) -
DefaultAnnotatedPermitChecker
public DefaultAnnotatedPermitChecker(Supplier<org.acegisecurity.Authentication> currentUserSupplier, boolean allowAnonymousAccessForNotAnnotatedMembers)
-
-
Method Details
-
verifyIsPermitted
public boolean verifyIsPermitted(Class<?> checkingClass, String checkingMethodName, Class<?>... checkingMethodParameterTypes) Description copied from interface:AnnotatedPermitChecker
Verifies if current user has access to the given method..- Specified by:
verifyIsPermitted
in interfaceAnnotatedPermitChecker
- Parameters:
checkingClass
- The class to be checked for permission.checkingMethodName
- The name of the method in the class to be checked for permission.checkingMethodParameterTypes
- Array of parameter types from the method declaration to differentiate between overloaded methods.- Returns:
false
immediately if any annotated element denies authorization. Returnstrue
under the following conditions:- Class or method allows authorization for the requesting principal. If present, the method annotation overrides the class one
- If no elements are annotated:
- If the principal is not anonymous
- For an anonymous user: If anonymous access to non-annotated classes is enabled
-
verifyIsPermitted
Description copied from interface:AnnotatedPermitChecker
Verifies is current user has access to the given method.- Specified by:
verifyIsPermitted
in interfaceAnnotatedPermitChecker
- Parameters:
checkingClass
- The class to be checked for permission.method
- The method in the action class to be checked for permission.- Returns:
false
immediately if any annotated element denies authorization. Returnstrue
under the following conditions:- Class or method allows authorization for the requesting principal. If present, the method annotation overrides the class one
- If no elements are annotated:
- If the principal is not anonymous
- For an anonymous user: If anonymous access to non-annotated classes is enabled
-
verifyIsPermitted
Description copied from interface:AnnotatedPermitChecker
Verifies is current user has access to methods in a given class.- Specified by:
verifyIsPermitted
in interfaceAnnotatedPermitChecker
- Parameters:
checkingClass
- The class to be checked for permission.- Returns:
false
if authorization is denied. Returnstrue
if- Annotated class allows authorization for the requesting principal
- If the class is not annotated:
- If the principal is not anonymous
- For an anonymous user: If anonymous access to non-annotated classes is enabled
-
isAllowAnonymousAccessForNotAnnotatedMembers
public boolean isAllowAnonymousAccessForNotAnnotatedMembers()Description copied from interface:AnnotatedPermitChecker
Checks behaviour of unannotated methods.- Specified by:
isAllowAnonymousAccessForNotAnnotatedMembers
in interfaceAnnotatedPermitChecker
- Returns:
- true if anonymous requests are allowed to call unannotated methods.
-