com.atlassian.confluence.security
Class DefaultPermissionManager

java.lang.Object
  extended by com.atlassian.confluence.security.DefaultPermissionManager
All Implemented Interfaces:
PermissionManager

public class DefaultPermissionManager
extends Object
implements PermissionManager

Default implementation of PermissionManager. Delegates all the decision-making to a collection of delegates that handle the per-target-type permission checking.

Since:
2.0
See Also:
PermissionDelegate

Nested Class Summary
 
Nested classes/interfaces inherited from interface com.atlassian.confluence.security.PermissionManager
PermissionManager.Criterion
 
Field Summary
 
Fields inherited from interface com.atlassian.confluence.security.PermissionManager
TARGET_APPLICATION, TARGET_PEOPLE_DIRECTORY, TARGET_SYSTEM
 
Constructor Summary
DefaultPermissionManager()
           
 
Method Summary
<X> List<X>
getPermittedEntities(com.atlassian.user.User user, Permission permission, Iterator<? extends X> objects, int maxResults)
          Filter an iterator based on which entities in the list have a particular permission.
<X> List<X>
getPermittedEntities(com.atlassian.user.User user, Permission permission, Iterator<X> entities, int maxResults, Collection<? extends PermissionManager.Criterion> otherCriteria)
          Filter an iterator based on which entities in the list have a particular permission.
<X> List<X>
getPermittedEntities(com.atlassian.user.User user, Permission permission, List<? extends X> objects)
          Filter a list based on which entities in the list have a particular permission.
<X> List<X>
getPermittedEntitiesNoExemptions(com.atlassian.user.User user, Permission permission, Iterator<? extends X> objects, int maxResults)
          Filter an iterator based on which entities in the list have a particular permission.
<X> List<X>
getPermittedEntitiesNoExemptions(com.atlassian.user.User user, Permission permission, Iterator<X> entities, int maxResults, Collection<? extends PermissionManager.Criterion> otherCriteria)
          Filter an iterator based on which entities in the list have a particular permission.
<X> List<X>
getPermittedEntitiesNoExemptions(com.atlassian.user.User user, Permission permission, List<? extends X> objects)
          Filter a list based on which entities in the list have a particular permission.
 boolean hasCreatePermission(com.atlassian.user.User user, Object container, Class<?> typeToCreate)
          Determine whether a user has permission to create an entity of a particular type within a given container.
 boolean hasCreatePermission(com.atlassian.user.User user, Object container, Object objectToCreate)
          Determine whether a user has permission to create a particular entity within a given container.
 boolean hasPermission(com.atlassian.user.User user, Permission permission, Class targetType)
          Determine whether a user has a particular permission for all instances of the specified target type.
 boolean hasPermission(com.atlassian.user.User user, Permission permission, Object target)
          Determine whether a user has a particular permission against a given target.
 boolean hasPermissionNoExemptions(com.atlassian.user.User user, Permission permission, Object target)
          Returns true if the user has the specified permission on the target object.
 boolean isConfluenceAdministrator(com.atlassian.user.User user)
          Determine if the user is a Confluence administrator.
 boolean isSystemAdministrator(com.atlassian.user.User user)
          Determine if the user is a system administrator.
 void setContentTypeManager(ContentTypeManager contentTypeManager)
           
 void setDeactivatedUserChecker(DeactivatedUserChecker deactivatedUserChecker)
           
 void setDelegates(Map<String,PermissionDelegate> delegates)
           
 void setOnDemandLicenseManager(OnDemandLicenseManager onDemandLicenseManager)
           
 void setOnDemandUserAccessChecker(OnDemandUserAccessChecker onDemandUserAccessChecker)
           
 void setPermissionCheckExemptions(PermissionCheckExemptions permissionCheckExemptions)
           
 void setSpacePermissionManager(SpacePermissionManager spacePermissionManager)
           
 void withExemption(Runnable runnable)
          Execute the given task with permission exemption.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultPermissionManager

public DefaultPermissionManager()
Method Detail

hasPermission

public boolean hasPermission(com.atlassian.user.User user,
                             Permission permission,
                             Object target)
Description copied from interface: PermissionManager
Determine whether a user has a particular permission against a given target.

Specified by:
hasPermission in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check
target - the object that the permission is being checked against. If this object is null, the method will return false
Returns:
true if the user has this permission, false otherwise

hasPermission

public boolean hasPermission(com.atlassian.user.User user,
                             Permission permission,
                             Class targetType)
Description copied from interface: PermissionManager
Determine whether a user has a particular permission for all instances of the specified target type.

Specified by:
hasPermission in interface PermissionManager
Parameters:
user - the user
permission - the permission to check (see Permission
targetType - the type of the target
Returns:
true if the user has this permission, false otherwise.

hasPermissionNoExemptions

public boolean hasPermissionNoExemptions(com.atlassian.user.User user,
                                         Permission permission,
                                         Object target)
Returns true if the user has the specified permission on the target object. Does not allow exemptions for super-users like hasPermission(User, Permission, Object) does.

This implementation should become the default one once the exemption for the 'confluence-administrators' group is removed.

For parameter and return value information, see hasPermission(User, Permission, Object).

Specified by:
hasPermissionNoExemptions in interface PermissionManager

hasCreatePermission

public boolean hasCreatePermission(com.atlassian.user.User user,
                                   Object container,
                                   Class<?> typeToCreate)
Description copied from interface: PermissionManager
Determine whether a user has permission to create an entity of a particular type within a given container.

The container is the natural container of the object being created. For example, a comment is contained in a page, which is contained within a space. A space is contained within TARGET_APPLICATION.

This overload should not be used when creating CustomContentEntityObject instances. In that case, permission checks should use PermissionManager.hasCreatePermission(com.atlassian.user.User, Object, Object).

Specified by:
hasCreatePermission in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
container - the target that the object is being created within. If this object is null, the method will return false
typeToCreate - the type of object being created (see above)
Returns:
true if the user has permission, false otherwise
See Also:
ContentEntityObject.getType()

hasCreatePermission

public boolean hasCreatePermission(com.atlassian.user.User user,
                                   Object container,
                                   Object objectToCreate)
Description copied from interface: PermissionManager
Determine whether a user has permission to create a particular entity within a given container.

The container is the natural container of the object being created. For example, a comment is contained in a page, which is contained within a space. A space is contained within TARGET_APPLICATION.

This overload is best when creating CustomContentEntityObject instances. Other permission checks should use PermissionManager.hasCreatePermission(com.atlassian.user.User, Object, Class).

Specified by:
hasCreatePermission in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
container - the target that the object is being created within. If this object is null, the method will return false
objectToCreate - the object being created (see above)
Returns:
true if the user has permission, false otherwise

getPermittedEntities

public <X> List<X> getPermittedEntities(com.atlassian.user.User user,
                                        Permission permission,
                                        List<? extends X> objects)
Description copied from interface: PermissionManager
Filter a list based on which entities in the list have a particular permission.

Specified by:
getPermittedEntities in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
objects - the objects to check
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntities

public <X> List<X> getPermittedEntities(com.atlassian.user.User user,
                                        Permission permission,
                                        Iterator<? extends X> objects,
                                        int maxResults)
Description copied from interface: PermissionManager
Filter an iterator based on which entities in the list have a particular permission.

Specified by:
getPermittedEntities in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
objects - the objects to check
maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntities

public <X> List<X> getPermittedEntities(com.atlassian.user.User user,
                                        Permission permission,
                                        Iterator<X> entities,
                                        int maxResults,
                                        Collection<? extends PermissionManager.Criterion> otherCriteria)
Description copied from interface: PermissionManager
Filter an iterator based on which entities in the list have a particular permission. You may also supply additional criteria through which to filter the iterator.

Specified by:
getPermittedEntities in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
entities - the objects to check
maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
otherCriteria - a collection of PermissionManager.Criterion objects through which the permitted entities must also be filtered
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntitiesNoExemptions

public <X> List<X> getPermittedEntitiesNoExemptions(com.atlassian.user.User user,
                                                    Permission permission,
                                                    List<? extends X> objects)
Description copied from interface: PermissionManager
Filter a list based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, List) does.

Specified by:
getPermittedEntitiesNoExemptions in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
objects - the objects to check
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntitiesNoExemptions

public <X> List<X> getPermittedEntitiesNoExemptions(com.atlassian.user.User user,
                                                    Permission permission,
                                                    Iterator<? extends X> objects,
                                                    int maxResults)
Description copied from interface: PermissionManager
Filter an iterator based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, Iterator, int) does.

Specified by:
getPermittedEntitiesNoExemptions in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
objects - the objects to check
maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

getPermittedEntitiesNoExemptions

public <X> List<X> getPermittedEntitiesNoExemptions(com.atlassian.user.User user,
                                                    Permission permission,
                                                    Iterator<X> entities,
                                                    int maxResults,
                                                    Collection<? extends PermissionManager.Criterion> otherCriteria)
Description copied from interface: PermissionManager
Filter an iterator based on which entities in the list have a particular permission. This method does not allow exemptions for super-users like PermissionManager.getPermittedEntities(User, Permission, Iterator, int, Collection) does. You may also supply additional criteria through which to filter the iterator.

Specified by:
getPermittedEntitiesNoExemptions in interface PermissionManager
Parameters:
user - the user seeking permission, or null if the anonymous user is being checked against
permission - the permission to check against the objects
entities - the objects to check
maxResults - the maximum number of permitted entities to retrieve from the iterator (un-permitted entities are not counted)
otherCriteria - a collection of PermissionManager.Criterion objects through which the permitted entities must also be filtered
Returns:
a new list of those members of the objects list that satisfy the given permission for the user

isConfluenceAdministrator

public boolean isConfluenceAdministrator(com.atlassian.user.User user)
Description copied from interface: PermissionManager
Determine if the user is a Confluence administrator. Calling this method is identical to calling hasPermission(user, Permission.ADMINISTER, PermissionManager.TARGET_APPLICATION).

Specified by:
isConfluenceAdministrator in interface PermissionManager
Parameters:
user - the user to check permissions against
Returns:
true if the user is a Confluence administrator, false otherwise

isSystemAdministrator

public boolean isSystemAdministrator(com.atlassian.user.User user)
Description copied from interface: PermissionManager
Determine if the user is a system administrator. Calling this method is identical to calling hasPermission(user, Permission.ADMINISTER, PermissionManager.TARGET_SYSTEM).

Specified by:
isSystemAdministrator in interface PermissionManager
Parameters:
user - the user to check permissions against
Returns:
true if the user is a system administrator, false otherwise

withExemption

public void withExemption(Runnable runnable)
Description copied from interface: PermissionManager
Execute the given task with permission exemption.

Calls to PermissionManager.hasPermission(com.atlassian.user.User, Permission, Object) and PermissionManager.hasCreatePermission(com.atlassian.user.User, Object, Class) within the executed task will return true. Other permission checks are not affected.

Use with care.

Specified by:
withExemption in interface PermissionManager
Parameters:
runnable - task to execute with permission exemption

setDelegates

public void setDelegates(Map<String,PermissionDelegate> delegates)

setDeactivatedUserChecker

public void setDeactivatedUserChecker(DeactivatedUserChecker deactivatedUserChecker)

setSpacePermissionManager

public void setSpacePermissionManager(SpacePermissionManager spacePermissionManager)

setPermissionCheckExemptions

public void setPermissionCheckExemptions(PermissionCheckExemptions permissionCheckExemptions)

setContentTypeManager

public void setContentTypeManager(ContentTypeManager contentTypeManager)

setOnDemandLicenseManager

public void setOnDemandLicenseManager(OnDemandLicenseManager onDemandLicenseManager)

setOnDemandUserAccessChecker

public void setOnDemandUserAccessChecker(OnDemandUserAccessChecker onDemandUserAccessChecker)


Copyright © 2003–2015 Atlassian. All rights reserved.