Package com.atlassian.crowd.dao.permission

Interface InternalUserPermissionDAO

All Known Implementing Classes:
NoopInternalUserPermissionDAO, UserPermissionDAOHibernate
public interface InternalUserPermissionDAO
Manages persistence of InternalGrantedPermission at the explicit / direct permission level. This class does not have a concept of implied permissions (eg. doesn't know that having SYS_ADMIN implies ADMIN) and deals only with direct permissions. Granting or revoking an explicit permission does not guarantee a change in actual user permissions due to potential implied permissions.

  • Method Details

    • exists

      boolean exists(InternalGrantedPermission permission)
      Return true if the InternalGrantedPermission has been explicitly granted. Ie. there is a row matching the group and permission specified by the permission param
      Parameters:
      permission - the group/permission pair to search for
      Returns:
      true if the permission has been explicitly granted (not implicitly)

    • revoke

      boolean revoke(InternalGrantedPermission permission)
      Remove the explicit permission from the group.
      Parameters:
      permission - the group/permission pair to remove
      Returns:
      true if the permission existed and was removed

    • revokeAll

      int revokeAll(DirectoryMapping directoryMapping)
      Revokes all permissions associated with the specified directory mapping
      Parameters:
      directoryMapping - the directory mapping to revoke permissions for
      Returns:
      the number of permissions removed

    • grant

      void grant(InternalGrantedPermission permission)
      Grant the explicit permission to the group. If the permission already explicitly exists, do nothing.
      Parameters:
      permission - the group/permission pair to create

    • getGrantedPermissions

      Collection<PermittedGroup> getGrantedPermissions(UserPermission permission)
      Find all groups that have been explicitly (not implicitly) granted the provided permission
      Parameters:
      permission - permission to search for
      Returns:
      all groups with this permission

    • getGrantedPermissions

      Collection<PermittedGroup> getGrantedPermissions(UserPermission permission, Application application)
      Find all groups that have been explicitly (not implicitly) granted the provided permission
      Parameters:
      permission - permission to search for
      application - application the permission should apply to
      Returns:
      all groups with this permission

    • findHighestPermissionPerGroupByPrefix

      List<PermittedGroup> findHighestPermissionPerGroupByPrefix(String prefix, int start, int limit)
      Find all groups with an explicit permission, and return their highest permission
      Parameters:
      prefix - prefix return only groups whose names start with this prefix
      start - index to start page at
      limit - max number of results to return, 0 for all results
      Returns:
      the highest permission for each group with an explicit permission ordered by groupName. If a group has ADMIN and SYS_ADMIN, only return SYS_ADMIN

    • findHighestPermissionPerGroup

      List<PermittedGroup> findHighestPermissionPerGroup(int start, int limit)
      Find all groups with an explicit permission, and return their highest permission
      Parameters:
      start - index to start page at
      limit - max number of results to return, 0 for all results
      Returns:
      the highest permission for each group with an explicit permission ordered by groupName. If a group has ADMIN and SYS_ADMIN, only return SYS_ADMIN

    • findAllPermissionsForGroup

      List<InternalGrantedPermission> findAllPermissionsForGroup(String groupName, long directoryId)
      Find all permission entries for this group. Used for eg. cleaning up when deleting the group.
      Parameters:
      groupName - name of group to search
      Returns:
      database entries ordered by groupName