com.atlassian.confluence.security
Class DownloadGateKeeper

java.lang.Object
  extended by com.atlassian.confluence.security.DownloadGateKeeper
All Implemented Interfaces:
GateKeeper

public class DownloadGateKeeper
extends java.lang.Object
implements GateKeeper

GateKeeper for the Confluence downloads directory.

Any resource granted permissions for will be normalised to remove any part of the path before the first occurrence of the text download. So /confluence/download/foo.txt will need to be checked as download/foo.txt. Attempts to grant permission to a path that doesn't contain "download" will throw an exception.

Permissions will be expired 24 hours after they are granted.


Constructor Summary
DownloadGateKeeper()
           
 
Method Summary
 void addKey(java.lang.String path, java.lang.String username)
          Add permission for a user to access a certain path.
 void addKey(java.lang.String path, com.atlassian.user.User user)
          Permit a user to download a particular resource.
 void allowAnonymousAccess(java.lang.String path)
          Allow all users, including the anonymous user, access to a particular path.
 void cleanAllKeys()
          Revoke all granted permissions.
 boolean isAccessPermitted(java.lang.String path, java.lang.String userName)
          Determine whether a user is permitted to access a resource.
 boolean isAccessPermitted(java.lang.String path, com.atlassian.user.User user)
          Determine whether a user is permitted to access a resource.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DownloadGateKeeper

public DownloadGateKeeper()
Method Detail

addKey

public void addKey(java.lang.String path,
                   java.lang.String username)
Add permission for a user to access a certain path. The path will be normalised on the way in so that anything before the text "download' is discarded. So /confluence/download/Foo will be normalised to download/Foo
Specified by:
addKey in interface GateKeeper
Parameters:
username - the username of the user to be permitted. null represents the name of the anonymous users.
path - the path being granted permission to. Must not be null.
Throws:
java.lang.IllegalArgumentException - if the path is not of the expected form

addKey

public void addKey(java.lang.String path,
                   com.atlassian.user.User user)
Description copied from interface: GateKeeper
Permit a user to download a particular resource. This permission is temporary, and may expire after whatever time period the GateKeeper thinks is reasonable.

Specified by:
addKey in interface GateKeeper
Parameters:
path - the path to the resource being made accessible
user - the user to grant permission for. null may be used to represent anonymous users.

allowAnonymousAccess

public void allowAnonymousAccess(java.lang.String path)
Allow all users, including the anonymous user, access to a particular path. The path will be normalised to the same rules as addKey(java.lang.String, java.lang.String)

Specified by:
allowAnonymousAccess in interface GateKeeper
Parameters:
path - The resource to grant access permission to

isAccessPermitted

public boolean isAccessPermitted(java.lang.String path,
                                 com.atlassian.user.User user)
Description copied from interface: GateKeeper
Determine whether a user is permitted to access a resource.

Specified by:
isAccessPermitted in interface GateKeeper
Parameters:
path - the path to the resource being requested
user - the user requesting permission to retrieve that resource
Returns:
true if the user is permitted to retrieve that resource, false otherwise

isAccessPermitted

public boolean isAccessPermitted(java.lang.String path,
                                 java.lang.String userName)
Description copied from interface: GateKeeper
Determine whether a user is permitted to access a resource.

Specified by:
isAccessPermitted in interface GateKeeper
Parameters:
path - the path to the resource being requested
userName - the name of the user requesting permission to retrieve that resource
Returns:
true if the user is permitted to retrieve that resource, false otherwise

cleanAllKeys

public void cleanAllKeys()
Description copied from interface: GateKeeper
Revoke all granted permissions.

Specified by:
cleanAllKeys in interface GateKeeper


Copyright © 2003-2009 Atlassian Pty Ltd. All Rights Reserved.