public interface SecurityService
This interface allows plugins to perform operations as a particular user.
Modifier and Type | Method and Description |
---|---|
EscalatedSecurityContext |
anonymously(String reason)
Creates a custom security context that is not authenticated that can be used to perform operations.
|
EscalatedSecurityContext |
escalate(String reason)
Creates a custom security context with no difference to the current security context but allows adding further
permissions on the returned
EscalatedSecurityContext . |
EscalatedSecurityContext |
impersonating(ApplicationUser user,
String reason)
Creates a custom security context that is authenticated as
user that can be used to perform operations. |
EscalatedSecurityContext |
withPermission(Permission permission,
Object resource,
String reason)
Creates a custom security context with elevated permissions that can be used to perform operations.
|
EscalatedSecurityContext |
withPermission(Permission permission,
String reason)
Creates a custom security context with elevated permissions that can be used to perform operations.
|
EscalatedSecurityContext |
withPermissions(Set<Permission> permissions,
String reason)
Creates a custom security context with elevated permissions that can be used to perform operations.
|
@Nonnull EscalatedSecurityContext anonymously(@Nonnull String reason)
escalated permissions
that are associated with the current security
context will still apply.reason
- a description of the reason for creating the custom security context. This description is used for
logging.@Nonnull EscalatedSecurityContext escalate(@Nonnull String reason)
EscalatedSecurityContext
.reason
- a description of the reason for creating the custom security context. This description is used for
logging.@Nonnull EscalatedSecurityContext impersonating(@Nonnull ApplicationUser user, @Nonnull String reason)
user
that can be used to perform operations.
Note that any escalated permissions
that are associated with the
current security context will still apply.user
- the user to temporarily execute asreason
- a description of the reason for creating the custom security context. This description is used for
logging.@Nonnull EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull String reason)
permission
- the permission to temporarily grant. This can be either a global or a resource permission. If
a resource permission is provided, the permission is granted to all resources of that type.reason
- a description of the reason for creating the custom security context. This description is used for
logging.@Nonnull EscalatedSecurityContext withPermission(@Nonnull Permission permission, @Nonnull Object resource, @Nonnull String reason)
permission
- the permission to temporarily grant. This has to be a resource permission that is valid for the
provided resource (e.g. REPO_READ for a Repository).resource
- the resource to temporarily grant the permission onreason
- a description of the reason for creating the custom security context. This description is used for
logging.@Nonnull EscalatedSecurityContext withPermissions(@Nonnull Set<Permission> permissions, @Nonnull String reason)
escalated permissions
that are associated with the
current security context will still apply.permissions
- the permissions to temporarily grant. This can be a mix of global and resource permissions. If
a resource permission is provided, the permission is granted to all resources of that type.reason
- a description of the reason for creating the custom security context. This description is used for
logging.Copyright © 2022 Atlassian. All rights reserved.