Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.confluence.security
Class DownloadGateKeeper

java.lang.Object
  extended bycom.atlassian.confluence.security.DownloadGateKeeper
All Implemented Interfaces:
GateKeeper
public class DownloadGateKeeper
extends Object
implements GateKeeper

GateKeeper for the Confluence downloads directory.

Any resource granted permissions for will be normalised to remove any part of the path before the first occurrence of the text download. So /confluence/download/foo.txt will need to be checked as download/foo.txt. Attempts to grant permission to a path that doesn't contain "download" will throw an exception.

All permissions will be expired once every 24 hours, regardless of their age. This is dumb.

Field Summary
static long ONE_DAY
           
static Map permittedDownloads
           
 
Constructor Summary
DownloadGateKeeper()
           
 
Method Summary
 void addKey(String path, User user)
          Add permission for a user to access a certain path.
 void allowAnonymousAccess(String path)
          Allow all users, including the anonymous user, access to a particular path.
 void cleanAllKeys()
          Revoke all granted permissions.
 boolean isAccessPermitted(String path, User user)
          Determine if a user is permitted to access a resource.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

permittedDownloads

public static final Map permittedDownloads

ONE_DAY

public static final long ONE_DAY
See Also:
Constant Field Values
Constructor Detail

DownloadGateKeeper

public DownloadGateKeeper()
Method Detail

addKey

public void addKey(String path,
                   User user)
Add permission for a user to access a certain path. The path will be normalised on the way in so that anything before the text "download' is discarded. So /confluence/download/Foo will be normalised to download/Foo
Specified by:
addKey in interface GateKeeper
Parameters:
user - the user to grant permission for
path - the path being granted permission to. Must not be null.
Throws:
IllegalArgumentException - if the path is not of the expected form

allowAnonymousAccess

public void allowAnonymousAccess(String path)
Allow all users, including the anonymous user, access to a particular path. The path will be normalised to the same rules as addKey(java.lang.String, com.atlassian.user.User)

Specified by:
allowAnonymousAccess in interface GateKeeper
Parameters:
path - The resource to grant access permission to

isAccessPermitted

public boolean isAccessPermitted(String path,
                                 User user)
Description copied from interface: GateKeeper
Determine if a user is permitted to access a resource.

Specified by:
isAccessPermitted in interface GateKeeper
Parameters:
path - the path to the resource being requested
user - the user requesting permission to retrieve that resource
Returns:
true if the user is permitted to retrieve that resource, false otherwise

cleanAllKeys

public void cleanAllKeys()
Description copied from interface: GateKeeper
Revoke all granted permissions.

Specified by:
cleanAllKeys in interface GateKeeper
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Confluence is developed by Atlassian.