com.atlassian.bitbucket.permission.PermissionService |
Reads the permissions of users and groups. IMPORTANT: This should not be restricted by permissions, and is not intended for querying access levels of users, but rather checking access of the current user at runtime
Public Methods | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
The complete set of
effective permissions for the supplied user. | |||||||||||
Get the groups which are granted a permission
| |||||||||||
Get the users which are granted a permission
| |||||||||||
Get the highest global permission for a group.
| |||||||||||
Get the highest global permission for a user.
| |||||||||||
Get the highest global permission for a user.
| |||||||||||
Get the usernames of the users with the given permission (whether directly or though permission inheritance)
This includes users granted the permission directly and those who have the permission through their group
membership.
| |||||||||||
Retrieve whether the current user (authenticated or not) has access to the given project.
| |||||||||||
Retrieves whether the repository is publicly accessible.
| |||||||||||
Retrieves whether the project is publicly accessible.
| |||||||||||
Retrieve whether the current user (authenticated or not) has access to the given repository.
| |||||||||||
The complete set of effective permissions
for the supplied user.
Only the minimal set of effective permissions is returned by the iterator such that any effective permission
that can be inferred
from other permissions is not returned.
E.g. if a user is granted SYS_ADMIN
permission, a group they belong to is granted REPO_READ
on repository with id 1 and project 7 has a default permission of PROJ_READ
, the only EffectivePermission
to be returned from the iterator will be a GlobalEffectivePermission
with permissions SYS_ADMIN
since all other permissions can be inferred.
user | the user |
---|
Get the groups which are granted a permission
permission | the permission in question |
---|---|
request | a page request |
Get the users which are granted a permission
permission | the permission in question |
---|---|
request | a page request |
Get the highest global permission for a group.
groupName | the group name |
---|
Get the highest global permission for a user.
user | the user |
---|
Get the highest global permission for a user.
username | the user name |
---|
Get the usernames of the users with the given permission (whether directly or though permission inheritance) This includes users granted the permission directly and those who have the permission through their group membership.
permission | the permission for which the users are being fetched. It must be global |
---|
user | the user in question |
---|---|
permission | the requested permission. Must be non-global. |
ApplicationUser
has the requested Permission
for any project / repositorypermission | the requested permission. Must be non-global. |
---|
Permission
for any project / repositorypermission | the permission required. |
---|
project | the project on which permission is being checked. |
---|---|
permission | the permission required. |
repository | the repository on which permission is being checked. |
---|---|
permission | the permission required. |
permission | the permission required. |
---|---|
group | the group to be checked. |
permission | the requested permission. Must be global. |
---|
Permission
user | the user in question |
---|---|
permission | the requested permission. Must be global. |
true
if the given ApplicationUser
has the requested Permission
.
Will return true if the user is active
and one of the following conditions is met:
username | the user in question |
---|---|
permission | the requested permission. Must be global. |
true
if the given user identified by username
has the requested Permission
.
Will return true if the user is active
and one of the following conditions is met:
permission | The permission required. |
---|---|
excludedGroups | A Set of groups to be excluded from consideration. |
project | the project in question |
---|---|
permission | the requested permission. Must be non-global. |
Permission
for the given Project
user | the user in question |
---|---|
project | the project in question |
permission | the requested permission. Must be non-global. |
true
if the given ApplicationUser
has the requested Permission
for the given Project
.
Will return true if the user is active
and one of the following conditions is met:
publicly accessible
and the permission is implied as a resultadministration rights
administration rights
projectId | the id project in question |
---|---|
permission | the requested permission. Must be non-global. |
Permission
for the given Project
user | the user in question |
---|---|
projectId | the id of project |
permission | the requested permission. Must be non-global. |
ApplicationUser
has the requested Permission
for the Project
identified by projectId.project | The project on which permission is being checked. |
---|---|
permission | The permission required. |
excludedGroups | A Set of groups to be excluded from consideration. |
user | the user in question |
---|---|
repositoryId | the repository in question |
permission | the requested permission. Must be non-global. |
ApplicationUser
has the requested Permission
for the given Repository
.repository | the repository in question |
---|---|
permission | the requested permission. Must be non-global. |
Permission
for the given Repository
repositoryId | the repository in question |
---|---|
permission | the requested permission. Must be non-global. |
Permission
for the given Repository
identified by repositoryid.user | the user in question |
---|---|
repository | the repository in question |
permission | the requested permission. Must be non-global. |
ApplicationUser
has the requested Permission
for the given Repository
.
Will return true if the user is active
and one of the following conditions is met:
publicly accessible
and the permission is implied as a resultadministration rights
administration rights
repository | The repository on which permission is being checked. |
---|---|
permission | The permission required. |
excludedGroups | A Set of groups to be excluded from consideration. |
projectId | the id of the project on which to check |
---|
true
if the current user has access to the given project, false
otherwiseRetrieve whether the current user (authenticated or not) has access to the given project.
The user may have access as a result of the following:
PROJECT_VIEW
permission for the given project; orwithPermission(Permission, String)
running with}
PROJECT_VIEW
permission; oris public
; orare public
project | the project on which to check |
---|
true
if the current user has access to the given project, false
otherwise
Retrieves whether the repository is publicly accessible.
Note that a repository will be public if:
To check whether the current user (authenticated or not) can access the repository,
use isRepositoryAccessible(Repository)
instead.
repository | the repository on which to check |
---|
true
if unauthenticated users can access the given repository, false
otherwise
Retrieves whether the project is publicly accessible.
Note: to check whether the current user (authenticated or not) can access the project,
use isProjectAccessible(Project)
instead.
project | the project on which to check |
---|
true
if unauthenticated users can access the given project, false
otherwise
Retrieve whether the current user (authenticated or not) has access to the given repository.
The user may have access as a result of the following:
REPO_READ
permission for the given repository; orwithPermission(Permission, String)
running with}
REPO_READ
permission; orrepository | the repository on which to check |
---|
true
if the current user has access to the given repository, false
otherwise
repositoryId | the id of the repository on which to check |
---|
true
if the current user has access to the given repository, false
otherwise