Class DefaultAnnotatedPermitChecker

java.lang.Object
com.atlassian.bamboo.security.DefaultAnnotatedPermitChecker
All Implemented Interfaces:
AnnotatedPermitChecker

public class DefaultAnnotatedPermitChecker extends Object implements AnnotatedPermitChecker
  • Constructor Details

    • DefaultAnnotatedPermitChecker

      public DefaultAnnotatedPermitChecker(org.acegisecurity.Authentication currentUser, boolean allowAnonymousAccessForNotAnnotatedMembers)
    • DefaultAnnotatedPermitChecker

      public DefaultAnnotatedPermitChecker(Supplier<org.acegisecurity.Authentication> currentUserSupplier, boolean allowAnonymousAccessForNotAnnotatedMembers)
  • Method Details

    • verifyIsPermitted

      public boolean verifyIsPermitted(Class<?> checkingClass, String checkingMethodName, Class<?>... checkingMethodParameterTypes)
      Description copied from interface: AnnotatedPermitChecker
      Verifies if current user has access to the given method..
      Specified by:
      verifyIsPermitted in interface AnnotatedPermitChecker
      Parameters:
      checkingClass - The class to be checked for permission.
      checkingMethodName - The name of the method in the class to be checked for permission.
      checkingMethodParameterTypes - Array of parameter types from the method declaration to differentiate between overloaded methods.
      Returns:
      false immediately if any annotated element denies authorization. Returns true under the following conditions:
      • Class or method allows authorization for the requesting principal. If present, the method annotation overrides the class one
      • If no elements are annotated:
        • If the principal is not anonymous
        • For an anonymous user: If anonymous access to non-annotated classes is enabled
    • verifyIsPermitted

      public boolean verifyIsPermitted(Class<?> checkingClass, Method method)
      Description copied from interface: AnnotatedPermitChecker
      Verifies is current user has access to the given method.
      Specified by:
      verifyIsPermitted in interface AnnotatedPermitChecker
      Parameters:
      checkingClass - The class to be checked for permission.
      method - The method in the action class to be checked for permission.
      Returns:
      false immediately if any annotated element denies authorization. Returns true under the following conditions:
      • Class or method allows authorization for the requesting principal. If present, the method annotation overrides the class one
      • If no elements are annotated:
        • If the principal is not anonymous
        • For an anonymous user: If anonymous access to non-annotated classes is enabled
    • verifyIsPermitted

      public boolean verifyIsPermitted(Class<?> checkingClass)
      Description copied from interface: AnnotatedPermitChecker
      Verifies is current user has access to methods in a given class.
      Specified by:
      verifyIsPermitted in interface AnnotatedPermitChecker
      Parameters:
      checkingClass - The class to be checked for permission.
      Returns:
      false if authorization is denied. Returns true if
      • Annotated class allows authorization for the requesting principal
      • If the class is not annotated:
        • If the principal is not anonymous
        • For an anonymous user: If anonymous access to non-annotated classes is enabled
    • isAllowAnonymousAccessForNotAnnotatedMembers

      public boolean isAllowAnonymousAccessForNotAnnotatedMembers()
      Description copied from interface: AnnotatedPermitChecker
      Checks behaviour of unannotated methods.
      Specified by:
      isAllowAnonymousAccessForNotAnnotatedMembers in interface AnnotatedPermitChecker
      Returns:
      true if anonymous requests are allowed to call unannotated methods.