Package com.atlassian.bitbucket.user

Interface EscalatedSecurityContext

public interface EscalatedSecurityContext
Custom security context that specifies as what user and with which additional permissions an Operation should be called.

  • Method Details

    • call

      <T, E extends Throwable> T call(@Nonnull Operation<T,E> operation) throws E
      Executes an Operation as the specified user and added permissions. The current security context is restored after the operation completes.

      Note: Nesting invocations merges all elevated permissions rather than replacing the previous values.

      Type Parameters:
      E - type of exception
      T - type of the operation
      Parameters:
      operation - the operation to be executed
      Returns:
      the return value of the provided operation
      Throws:
      E - when the provided operation throws an exception

    • applyToRequest

      void applyToRequest()
      Escalates the security context as the specified user and added permissions for the duration of the current request. If there is no request in scope an exception is thrown.
      Throws:
      IllegalStateException - if there is no request in scope for the current thread

    • withPermission

      @Nonnull EscalatedSecurityContext withPermission(@Nonnull Permission permission)
      Adds permissions to the set of elevated permissions. If a resource permission (e.g. REPO_READ) is provided, the permission is granted to all resources.
      Parameters:
      permission - the permission to be temporarily granted
      Returns:
      the escalated security context

    • withPermission

      @Nonnull EscalatedSecurityContext withPermission(@Nonnull Object resource, @Nonnull Permission permission)
      Adds permissions on a particular resource to the set of elevated permissions.
      Parameters:
      resource - the resource
      permission - the permission to be temporarily granted on the provided resource
      Returns:
      the escalated security context

    • withPermissions

      @Nonnull EscalatedSecurityContext withPermissions(@Nonnull Set<Permission> permissions)
      Adds permissions to the set of elevated permissions. If a resource permission (e.g. REPO_READ) is provided, the permission is granted to all resources.
      Parameters:
      permissions - the permissions to be temporarily granted
      Returns:
      the escalated security context