Permission
extends Enum<E extends Enum<E>>| java.lang.Object | ||
| ↳ | java.lang.Enum<E extends java.lang.Enum<E>> | |
| ↳ | com.atlassian.bitbucket.permission.Permission | |
Class Overview
Enumerates the available permissions and describes what they are used to protect.
Summary
| Enum Values | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Permission | ADMIN | Allows access to common administration tasks, such as granting global permissions. | |||||||||
| Permission | LICENSED_USER | Allows access to the application. | |||||||||
| Permission | PROJECT_ADMIN | Allows administrative access to a project and any repository it contains. | |||||||||
| Permission | PROJECT_CREATE | Allows project creation. | |||||||||
| Permission | PROJECT_READ | Allows read access to a project and any repository it contains. | |||||||||
| Permission | PROJECT_VIEW | Allow view access to a project. | |||||||||
| Permission | PROJECT_WRITE | Allows write access to a project and any repository it contains. | |||||||||
| Permission | REPO_ADMIN | Allows to administer a repository. | |||||||||
| Permission | REPO_READ | Allows read access to a repository. | |||||||||
| Permission | REPO_WRITE | Allows write access to a repository. | |||||||||
| Permission | SYS_ADMIN | Allows access to advanced administration tasks. | |||||||||
| Permission | USER_ADMIN | Allows access to change account configuration for a given user such as SSH keys, GPG keys, personal tokens, and password. | |||||||||
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Gets a permission by its id.
| |||||||||||
Gets a permission by its weight.
| |||||||||||
Gets all the global permissions.
| |||||||||||
Get the set of permissions that inherit this permission (excluding this permission).
| |||||||||||
Gets all permissions this permission inherits.
| |||||||||||
Gets all permissions that inherit this permission (including this permission).
| |||||||||||
Gets all the permissions associated with a resource.
| |||||||||||
Return all resource types that this permission applies to.
| |||||||||||
Retrieves the weight of this permission relative to other permissions.
| |||||||||||
Indicates whether this
Permission can be granted globally. | |||||||||||
Indicates whether this permission may be granted to all users,
or if it must be granted to users or groups individually.
| |||||||||||
Indicates whether this permission applies to a given resource type.
| |||||||||||
Indicates whether this
Permission only applies to specific resource(s),
such as projects and repositories. | |||||||||||
Gets the permission with the maximum
weigth. | |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Enum
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
|
From interface
java.lang.Comparable
| |||||||||||
Enum Values
public static final Permission ADMIN
Allows access to common administration tasks, such as granting global permissions.
This grants overall admin access, implying PROJECT_ADMIN to all the projects.
public static final Permission LICENSED_USER
Allows access to the application.
This allows the user to authenticate and counts their account towards the license limit.
public static final Permission PROJECT_ADMIN
Allows administrative access to a project and any repository it contains.
In addition to the permissions already granted by PROJECT_WRITE, this allows accessing and updating
the configuration of the project itself (such as adding other project permissions, configuring the project's
avatar, renaming or deleting the project). This also grants REPO_ADMIN on all the repositories in
the project.
public static final Permission PROJECT_CREATE
Allows project creation.
This allows the user to create new projects.
public static final Permission PROJECT_READ
Allows read access to a project and any repository it contains.
This allows listing and viewing all the repositories in a project. It also grants
REPO_READ to all the repositories in the project.
public static final Permission PROJECT_VIEW
Allow view access to a project.
This permission cannot be granted to a user/group. It is an implied permission for any user which has at least read access one or more repositories within the project
public static final Permission PROJECT_WRITE
Allows write access to a project and any repository it contains.
In addition to the permissions already granted by PROJECT_READ, this also grants
REPO_WRITE on all the repositories in the project.
public static final Permission REPO_ADMIN
Allows to administer a repository.
In addition to the permissions already granted by REPO_WRITE, this allows accessing and updating
the configuration of the repository, such as adding or revoking branch permissions, adding or revoking other
repository permissions, renaming or deleting the repository.
public static final Permission REPO_READ
Allows read access to a repository.
This allows cloning and pulling changes from a repository, adding comments and declining pull requests that target the repository. It also allows creating pull requests if the user has the permission on both the source and target repository.
public static final Permission REPO_WRITE
Allows write access to a repository.
In addition to the permissions already granted by REPO_READ, this allows pushing changes
to a repository and merging pull requests targeting the repository.
public static final Permission SYS_ADMIN
Allows access to advanced administration tasks.
In addition to the permissions already granted by ADMIN, this grants the user full access to
the restricted admin functions, such as enabling SSH access, updating the license or migrating databases.
public static final Permission USER_ADMIN
Allows access to change account configuration for a given user such as SSH keys, GPG keys, personal tokens, and password.
This permission can not be granted to any user/group it is implied for any user for their own account. This permission is not implied for personal tokens.
Users with SYS_ADMIN gains this permission for all users. Users with ADMIN gains this for all users except SYS_ADMIN users.
Public Methods
@Nonnull public static Permission fromId (int id)
Gets a permission by its id.
Parameters
| id | id of the permission |
|---|
Returns
- the permission
Throws
| IllegalArgumentException | if no Permission is associated with the given id
|
|---|
@Nullable public static Permission fromWeight (int weight)
Gets a permission by its weight.
Parameters
| weight | weight of the permission |
|---|
Returns
- the permission, or
nullif no permission matches the weight
@Nonnull public static Set<Permission> getGlobalPermissions ()
Gets all the global permissions.
See Also
@Nonnull public PermissionI18n getI18n ()
Returns
- i18n-ed description of this permission suitable for user interfaces.
public int getId ()
Returns
- the id of this permission
@Nonnull public Set<Permission> getImplyingPermissions ()
Get the set of permissions that inherit this permission (excluding this permission).
@Nonnull public Set<Permission> getInheritedPermissions ()
Gets all permissions this permission inherits.
@Nonnull public Set<Permission> getInheritingPermissions ()
Gets all permissions that inherit this permission (including this permission).
@Nonnull public static Set<Permission> getPermissionsOn (Class<?> resourceClass)
Gets all the permissions associated with a resource.
For example, getPermissionsOn(Project.class) returns all the permissions that applies
to the resource, excluding global permissions.
Parameters
| resourceClass | resource the permission must be applicable to |
|---|
See Also
@Nonnull public Set<Class<?>> getResourceTypes ()
Return all resource types that this permission applies to. This could be domain objects, as well as numeric values representing resource IDs.
Returns
- resources types that this permission applies to, or an empty set for
global permissions.
See Also
public int getWeight ()
Retrieves the weight of this permission relative to other permissions.
Higher weight implies the permission has precedence over its lesser counterpart(s). Weight can be used to perform an in-order traversal of the permission hierarchy.
Returns
- the weight of this permission
public boolean isGlobal ()
Indicates whether this Permission can be granted globally.
Global permissions applies to all resources.
Returns
trueif this permission applies globally to all resources; orfalseif this permission applied to specific resource(s)
public boolean isGrantable ()
Returns
trueif the permission can be granted to a user, group or all users,falseotherwise
public boolean isGrantableToAll ()
Indicates whether this permission may be granted to all users, or if it must be granted to users or groups individually.
Returns
trueif the permission may be blanket granted to all users; orfalseif it may only be granted individually to users or groups
public boolean isResource (Class<?> resourceClass)
Indicates whether this permission applies to a given resource type.
Caveat: global permissions (that applies to all resources) will return false.
Parameters
| resourceClass | the type of the resource |
|---|
Returns
trueif this permission applies to instances ofresourceClass
See Also
public boolean isResource ()
Indicates whether this Permission only applies to specific resource(s),
such as projects and repositories.
This is the logical negation of isGlobal(); a permission cannot be both global and resource.
Returns
trueif this permission can be applied to a specific resource; orfalseif this is aglobalpermission
See Also
@Nullable public static Permission max (Permission p1, Permission p2)
Gets the permission with the maximum weigth.
Parameters
| p1 | permission 1 (can be null) |
|---|---|
| p2 | permission 2 (can be null) |
Returns
- the permission with the maximum weight