Package com.atlassian.crowd.manager.permission

Interface UserPermissionService

All Known Implementing Classes:
RecoveryModeAwareUserPermissionService, UserPermissionServiceImpl
public interface UserPermissionService
Check Crowd access permissions for users, eg SYS_ADMIN and ADMIN.

  • Method Details

    • currentUserHasPermission

      boolean currentUserHasPermission(UserPermission permission)
      Does the current user have the provided permission.
      Parameters:
      permission - permission required
      Returns:
      true if the user has permission

    • hasPermission

      boolean hasPermission(@Nullable String username, UserPermission permission)
      Does the provided user have the provided permission.
      Parameters:
      username - user to check, null for the anonymous user
      permission - permission required
      Returns:
      true if the user has permission

    • hasPermissionOutsideOfGroups

      boolean hasPermissionOutsideOfGroups(@Nullable String username, UserPermission permission, Collection<DirectoryGroup> excludedGroups)
      Does the provided user have the provided permission when not considering the provided groups.

      This method is intended to be used to determine if a group is exclusively providing a given permission.

      Parameters:
      username - user to check, null for the anonymous user
      permission - permission required
      excludedGroups - groups to exclude in permission check, or an empty list otherwise
      Returns:
      true if the user has permission outside of the provided groups

    • isGroupLevelAdmin

      boolean isGroupLevelAdmin(@Nullable String username)
      Does the provided user have Group Level Admin permissions.
      Parameters:
      username - user to check, null for anonymous user
      Returns:
      true if the user has Group Level Admin permissions

    • getSysAdmins

      @ExperimentalApi default Set<User> getSysAdmins(Application application, boolean includeLocallyCachedOnly) throws DirectoryNotFoundException, OperationFailedException
      Parameters:
      application - application the permission applies to
      includeLocallyCachedOnly - if set to true will limit search to users stored locally
      Returns:
      users with SYS_ADMIN permission.
      Throws:
      DirectoryNotFoundException
      OperationFailedException

    • getUsersWithPermission

      @ExperimentalApi Set<User> getUsersWithPermission(Application application, UserPermission userPermission, boolean includeLocallyCachedOnly) throws DirectoryNotFoundException, OperationFailedException
      Parameters:
      application - application the permission applies to
      userPermission - permission to check
      includeLocallyCachedOnly - if set to true will limit search to users stored locally
      Returns:
      users with the given permission
      Throws:
      DirectoryNotFoundException
      OperationFailedException
      Since:
      3.7

    • getGroupLevelAdmins

      @ExperimentalApi Set<User> getGroupLevelAdmins(boolean considerOnlyTargetGroupsWithApplications) throws DirectoryNotFoundException, OperationFailedException
      Parameters:
      considerOnlyTargetGroupsWithApplications - whether groups without any active application should be taken into account
      Returns:
      users with group level admin permission.
      Throws:
      DirectoryNotFoundException
      OperationFailedException