Package com.atlassian.jira.bc.group

Class GroupsToApplicationsSeatingHelper

java.lang.Object
com.atlassian.jira.bc.group.GroupsToApplicationsSeatingHelper
public class GroupsToApplicationsSeatingHelper extends Object
Since:
7.0

  • Constructor Details

  • Method Details

    • rolesToBeAddedForSeatingCountPurpose

      public Map<ApplicationRole,Set<ApplicationUser>> rolesToBeAddedForSeatingCountPurpose(Set<ApplicationUser> users, Set<String> groupsToBeAdded)

      Produces a relation between ApplicationRoles and ApplicationUsers indicating which users will gain access to which applications if they will be added to given groups.

      This method is useful only in seating counting. There is one gotcha: if users are already (or eventually will be) added to some application, and we want to give them CORE access it's dry-run. We won't count them as jira-core users as it will be implied.

      Parameters:
      users - users to be checked
      groupsToBeAdded - groups to be added
      Returns:
      users grouped by applications in which number of occupied seats should be incremented

    • findEffectiveApplications

      public Set<ApplicationRole> findEffectiveApplications(Optional<Long> userDirectoryId, Set<ApplicationRole> roles)
      Checks which application roles will be effectively accessible by user if he will be added to given roles. It's possible mainly due to configurations which reuse default groups across applications. See findEffectiveApplicationsByGroups(java.util.Optional, java.util.Set) for more detailed explanation.
      Parameters:
      userDirectoryId - directory, in which lookup is performed
      roles - checked roles
      Returns:
      a set of application roles accessible for users
      See Also:

    • findEffectiveApplicationsByGroups

      public Set<ApplicationRole> findEffectiveApplicationsByGroups(Optional<Long> userDirectoryId, Set<String> groupsNames)

      Performs a lookup for applications which should be accessible in given directory assuming that someone is a member of mentioned groups. This method does not incorporate in any way roles which users may already have. It also does not check which roles have free seats.

      Due to nested group support it's not trivial to check potential application access. Effectively, access may be gained by:

      • direct group membership (of course group has to exist in given directory)
      • indirect membership via group relations

      Notice: When userDirectoryId is Optional.empty(), it's not possible to perform exact search due to possibility of differen configurations. It is advised to not perform approximate lookups.

      Parameters:
      userDirectoryId - directory, in which lookup is performed, when Optional.empty() given, approximate search will be performed
      groupsNames - groups which should be checked
      Returns:
      a set of application roles accessible for users