com.atlassian.confluence.security
Interface PermissionManager

All Known Implementing Classes:

DefaultPermissionManager

public interface PermissionManager

Generalised interface for checking whether a particular action in Confluence is allowed, without any knowledge of the specific implementation of permissions as they relate to spaces, pages and so on.

Nested Class Summary

static interface

PermissionManager.Criterion A criterion for whether an entity should be permitted or not

Field Summary

static Object

TARGET_APPLICATION A target to represent the Confluence application as a whole, for global tests

Method Summary

List	getPermittedEntities(User user, Permission permission, Iterator objects, int maxResults) Filter an iterator based on which entities in the list have a particular permission.
List	getPermittedEntities(User user, Permission permission, Iterator objects, int maxResults, Collection otherCriteria) Filter an iterator based on which entities in the list have a particular permission.
List	getPermittedEntities(User user, Permission permission, List objects) Filter a list based on which entities in the list have a particular permission.
boolean	hasCreatePermission(User user, Object container, Class typeToCreate) Determine whether a user has permission to create an entity of a particular type within a given container.
boolean	hasPermission(User user, Permission permission, Object target) Determine whether a user has a particular permission against a given target.
boolean	isGlobalAdministrator(User user) Determine if the user is a global administrator.

Field Detail

TARGET_APPLICATION

public static final Object TARGET_APPLICATION

A target to represent the Confluence application as a whole, for global tests

Method Detail

hasPermission

public boolean hasPermission(User user,
                             Permission permission,
                             Object target)

Determine whether a user has a particular permission against a given target.

Parameters:

user - the user seeking permission, or null if the anonymous user is being checked against

permission - the permission to check

target - the object that the permission is being checked against. If this object is null, the method will return false

Returns:

true if the user has this permission, false otherwise

Throws:

IllegalStateException - if the permission being checked against does not apply to the target

hasCreatePermission

public boolean hasCreatePermission(User user,
                                   Object container,
                                   Class typeToCreate)

Determine whether a user has permission to create an entity of a particular type within a given container.

The container is the natural container of the object being created. For example, a comment is contained in a page, which is contained within TARGET_APPLICATION.

Parameters:

user - the user seeking permission, or null if the anonymous user is being checked against

container - the target that the object is being created within. If this object is null, the method will return false

typeToCreate - the type of object being created (see above)

Returns:

true if the user has permission, false otherwise

Throws:

IllegalStateException - if the permission being checked against does not apply to the target

See Also:

ContentEntityObject.getType()

getPermittedEntities

public List getPermittedEntities(User user,
                                 Permission permission,
                                 List objects)

Filter a list based on which entities in the list have a particular permission.

Parameters:

user - the user seeking permission, or null if the anonymous user is being checked against

permission - the permission to check against the objects

objects - the objects to check

Returns:

a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntities

public List getPermittedEntities(User user,
                                 Permission permission,
                                 Iterator objects,
                                 int maxResults)

Filter an iterator based on which entities in the list have a particular permission.

Parameters:

user - the user seeking permission, or null if the anonymous user is being checked against

permission - the permission to check against the objects

objects - the objects to check

maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)

Returns:

a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntities

public List getPermittedEntities(User user,
                                 Permission permission,
                                 Iterator objects,
                                 int maxResults,
                                 Collection otherCriteria)

Filter an iterator based on which entities in the list have a particular permission. You may also supply additional criteria through which to filter the iterator.

Parameters:

user - the user seeking permission, or null if the anonymous user is being checked against

permission - the permission to check against the objects

objects - the objects to check

maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)

otherCriteria - a collection of PermissionManager.Criterion objects through which the permitted entities must also be filtered

Returns:

a new list of those members of the objects list that satisfy the given permission for the user

isGlobalAdministrator

public boolean isGlobalAdministrator(User user)

Determine if the user is a global administrator. Calling this method is identical to calling hasPermission(user, Permission.ADMINISTER, PermissionManager.TARGET_APPLICATION), but hopefully a bit easier on the eye.

Parameters:

user - the user to check permissions against

Returns:

true if the user is a global administrator, false otherwise