Package com.atlassian.jira.security.auth

Interface AuthorisationManager

All Known Implementing Classes:
AuthorisationManagerImpl
public interface AuthorisationManager
Provides Authorisation of the user to a request. Called as part of the Seraph waltz!

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    authoriseForLogin(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest)
    Called to ask whether a user (non null always) is authorised to perform the given request as a login event
    boolean
    authoriseForRole(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest, String role)
    Called to ask whether a user (non null always) is authorised to perform the given request as a login event
    Set<String>
    getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)
    Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
    boolean
    hasUserAccessToJIRA(ApplicationUser user)
    Verifies whether a user has access to JIRA.

  • Method Details

    • authoriseForLogin

      boolean authoriseForLogin(@Nonnull ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest)
      Called to ask whether a user (non null always) is authorised to perform the given request as a login event
      Parameters:
      user - a non null user
      httpServletRequest - the request in play
      Returns:
      true if they are authorised to perform the request

    • hasUserAccessToJIRA

      boolean hasUserAccessToJIRA(@Nonnull ApplicationUser user)
      Verifies whether a user has access to JIRA. Works similar to authoriseForLogin(com.atlassian.jira.user.ApplicationUser, javax.servlet.http.HttpServletRequest) but doesn't check authorisation via plugins.
      Parameters:
      user - a non null user
      Returns:
      true if user is authorised to JIRA

    • getRequiredRoles

      Set<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)
      Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
      Parameters:
      httpServletRequest - the request in play
      Returns:
      a set of roles

    • authoriseForRole

      boolean authoriseForRole(@Nullable ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest, String role)
      Called to ask whether a user (non null always) is authorised to perform the given request as a login event
      Parameters:
      user - a possibly null user
      httpServletRequest - the request in play
      role - one or more of the roles that was given out during getRequiredRoles(javax.servlet.http.HttpServletRequest)
      Returns:
      true if they are authorised to perform the request