Package com.atlassian.bitbucket.permission

Enum Class Permission

java.lang.Object
java.lang.Enum<Permission>
com.atlassian.bitbucket.permission.Permission
All Implemented Interfaces:
Serializable, Comparable<Permission>, Constable
public enum Permission extends Enum<Permission>
Enumerates the available permissions and describes what they are used to protect.

  • Enum Constant Details

    • USER_ADMIN

      public static final Permission USER_ADMIN
      Allows access to change account configuration for a given user such as SSH keys, GPG keys, personal tokens, and password.

      This permission can not be granted to any user/group it is implied for any user for their own account. This permission is not implied for personal tokens.

      Users with SYS_ADMIN gains this permission for all users. Users with ADMIN gains this for all users except SYS_ADMIN users.

      Since:
      5.5

    • PROJECT_VIEW

      public static final Permission PROJECT_VIEW
      Allow view access to a project.

      This permission cannot be granted to a user/group. It is an implied permission for any user which has at least read access one or more repositories within the project

    • REPO_READ

      public static final Permission REPO_READ
      Allows read access to a repository.

      This allows cloning and pulling changes from a repository, adding comments and declining pull requests that target the repository. It also allows creating pull requests if the user has the permission on both the source and target repository.

    • REPO_WRITE

      public static final Permission REPO_WRITE
      Allows write access to a repository.

      In addition to the permissions already granted by REPO_READ, this allows pushing changes to a repository and merging pull requests targeting the repository.

    • REPO_ADMIN

      public static final Permission REPO_ADMIN
      Allows to administer a repository.

      In addition to the permissions already granted by REPO_WRITE, this allows accessing and updating the configuration of the repository, such as adding or revoking branch permissions, adding or revoking other repository permissions, renaming or deleting the repository.

    • PROJECT_READ

      public static final Permission PROJECT_READ
      Allows read access to a project and any repository it contains.

      This allows listing and viewing all the repositories in a project. It also grants REPO_READ to all the repositories in the project.

    • PROJECT_WRITE

      public static final Permission PROJECT_WRITE
      Allows write access to a project and any repository it contains.

      In addition to the permissions already granted by PROJECT_READ, this also grants REPO_WRITE on all the repositories in the project.

    • REPO_CREATE

      public static final Permission REPO_CREATE
      Allows repository creation.

      In addition to the permissions already granted by PROJECT_WRITE, this allows the user to create new repositories.

      Since:
      8.2

    • PROJECT_ADMIN

      public static final Permission PROJECT_ADMIN
      Allows administrative access to a project and any repository it contains.

      In addition to the permissions already granted by REPO_CREATE, this allows accessing and updating the configuration of the project itself (such as adding other project permissions, configuring the project's avatar, renaming or deleting the project). This also grants REPO_ADMIN on all the repositories in the project.

    • LICENSED_USER

      public static final Permission LICENSED_USER
      Allows access to the application.

      This allows the user to authenticate and counts their account towards the license limit.

    • PROJECT_CREATE

      public static final Permission PROJECT_CREATE
      Allows project creation.

      This allows the user to create new projects.

    • ADMIN

      public static final Permission ADMIN
      Allows access to common administration tasks, such as granting global permissions.

      This grants overall admin access, implying PROJECT_ADMIN to all the projects.

    • SYS_ADMIN

      public static final Permission SYS_ADMIN
      Allows access to advanced administration tasks.

      In addition to the permissions already granted by ADMIN, this grants the user full access to the restricted admin functions, such as enabling SSH access, updating the license or migrating databases.

  • Method Details

    • values

      public static Permission[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static Permission valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null

    • fromId

      @Nonnull public static Permission fromId(int id)
      Gets a permission by its id.
      Parameters:
      id - id of the permission
      Returns:
      the permission
      Throws:
      IllegalArgumentException - if no Permission is associated with the given id

    • fromWeight

      @Nullable public static Permission fromWeight(int weight)
      Gets a permission by its weight.
      Parameters:
      weight - weight of the permission
      Returns:
      the permission, or null if no permission matches the weight

    • getGlobalPermissions

      @Nonnull public static Set<Permission> getGlobalPermissions()
      Gets all the global permissions.
      Returns:
      all global permissions
      See Also:

    • getPermissionsOn

      @Nonnull public static Set<Permission> getPermissionsOn(Class<?> resourceClass)
      Gets all the permissions associated with a resource.

      For example, getPermissionsOn(Project.class) returns all the permissions that applies to the resource, excluding global permissions.

      Parameters:
      resourceClass - resource the permission must be applicable to
      Returns:
      all permissions on the resource
      See Also:

    • max

      @Nullable public static Permission max(Permission p1, Permission p2)
      Gets the permission with the maximum weigth.
      Parameters:
      p1 - permission 1 (can be null)
      p2 - permission 2 (can be null)
      Returns:
      the permission with the maximum weight

    • getI18n

      @Nonnull public PermissionI18n getI18n()
      Returns:
      i18n-ed description of this permission suitable for user interfaces.

    • getId

      public int getId()
      Returns:
      the ID of this permission

    • getImplyingPermissions

      @Nonnull public Set<Permission> getImplyingPermissions()
      Get the set of permissions that inherit this permission (excluding this permission).
      Returns:
      set of implied permissions

    • getInheritedPermissions

      @Nonnull public Set<Permission> getInheritedPermissions()
      Gets all permissions this permission inherits.
      Returns:
      all inherited permissions

    • getInheritingPermissions

      @Nonnull public Set<Permission> getInheritingPermissions()
      Gets all permissions that inherit this permission (including this permission).
      Returns:
      permissions that inherit this permission

    • getResourceTypes

      @Nonnull public Set<Class<?>> getResourceTypes()
      Return all resource types that this permission applies to. This could be domain objects, as well as numeric values representing resource IDs.
      Returns:
      resources types that this permission applies to, or an empty set for global permissions.
      See Also:

    • getWeight

      public int getWeight()
      Retrieves the weight of this permission relative to other permissions.

      Higher weight implies the permission has precedence over its lesser counterpart(s). Weight can be used to perform an in-order traversal of the permission hierarchy.

      Returns:
      the weight of this permission

    • isGlobal

      public boolean isGlobal()
      Indicates whether this Permission can be granted globally.

      Global permissions applies to all resources.

      Returns:
      true if this permission applies globally to all resources; or false if this permission applied to specific resource(s)

    • isGrantable

      public boolean isGrantable()
      Returns:
      true if the permission can be granted to a user, group or all users, false otherwise

    • isGrantableToAll

      public boolean isGrantableToAll()
      Indicates whether this permission may be granted to all users, or if it must be granted to users or groups individually.
      Returns:
      true if the permission may be blanket granted to all users; or false if it may only be granted individually to users or groups

    • isResource

      public boolean isResource()
      Indicates whether this Permission only applies to specific resource(s), such as projects and repositories.

      This is the logical negation of isGlobal(); a permission cannot be both global and resource.

      Returns:
      true if this permission can be applied to a specific resource; or false if this is a global permission
      See Also:

    • isResource

      public boolean isResource(Class<?> resourceClass)
      Indicates whether this permission applies to a given resource type.

      Caveat: global permissions (that applies to all resources) will return false.

      Parameters:
      resourceClass - the type of the resource
      Returns:
      true if this permission applies to instances of resourceClass
      See Also: