com.atlassian.jira.security.type
Class AbstractIssueFieldSecurityType

java.lang.Object
  extended by com.atlassian.jira.security.type.AbstractSecurityType
      extended by com.atlassian.jira.security.type.AbstractIssueFieldSecurityType
All Implemented Interfaces:
SchemeType, SecurityType
Direct Known Subclasses:
CurrentAssignee, CurrentAssigneeHasAssignablePermission, CurrentReporter, CurrentReporterHasCreatePermission, GroupCF, UserCF

public abstract class AbstractIssueFieldSecurityType
extends AbstractSecurityType


Constructor Summary
AbstractIssueFieldSecurityType()
           
 
Method Summary
protected abstract  String getField()
           
protected abstract  String getFieldName()
           
 org.apache.lucene.search.Query getQuery(User searcher, org.ofbiz.core.entity.GenericValue entity, String parameter)
           
 org.apache.lucene.search.Query getQuery(User searcher, Project project, org.ofbiz.core.entity.GenericValue securityLevel, String parameter)
          Returns a query based on security level and the project passed in.
protected  org.apache.lucene.search.BooleanQuery getQueryForProject(org.ofbiz.core.entity.GenericValue project, User searcher)
          Gets called to produce the Lucene query for a project
protected  org.apache.lucene.search.BooleanQuery getQueryForSecurityLevel(org.ofbiz.core.entity.GenericValue issueSecurity, User searcher)
          Produces a Lucene query for a given issue security type such that documents match the query only when the given user is defined for the issue by this custom field in the given security.
 Set getUsers(PermissionContext ctx, String argument)
          Returns a list of Users represented by a security type instance.
protected  boolean hasIssuePermission(User user, boolean issueCreation, org.ofbiz.core.entity.GenericValue issueGv, String argument)
          Defines whether the given user has permission to see the given issue.
 boolean hasPermission(org.ofbiz.core.entity.GenericValue entity, String argument)
          Interface for determining if a permission type has the permission.
 boolean hasPermission(org.ofbiz.core.entity.GenericValue entity, String argument, User user, boolean issueCreation)
          Decides if the given User has permission to see the given issue or project.
protected abstract  boolean hasProjectPermission(User user, boolean issueCreation, org.ofbiz.core.entity.GenericValue project)
           
 
Methods inherited from class com.atlassian.jira.security.type.AbstractSecurityType
getArgumentDisplay, isValidForPermission
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.atlassian.jira.scheme.SchemeType
doValidation, getDisplayName, getType
 

Constructor Detail

AbstractIssueFieldSecurityType

public AbstractIssueFieldSecurityType()
Method Detail

getFieldName

protected abstract String getFieldName()

getQuery

public org.apache.lucene.search.Query getQuery(User searcher,
                                               org.ofbiz.core.entity.GenericValue entity,
                                               String parameter)

getQuery

public org.apache.lucene.search.Query getQuery(User searcher,
                                               Project project,
                                               org.ofbiz.core.entity.GenericValue securityLevel,
                                               String parameter)
Description copied from interface: SecurityType
Returns a query based on security level and the project passed in. This may be required in particular for role based issue security levels. (see JRA-12739)

Parameters:
searcher - The searcher conducting the search
project - The project for which we're constructing a query
securityLevel - The security level for which we are constructing the query
parameter - Parameter identifying user related field (reporter, assignee, etc)
Returns:
A lucene permissions query

getQueryForProject

protected org.apache.lucene.search.BooleanQuery getQueryForProject(org.ofbiz.core.entity.GenericValue project,
                                                                   User searcher)
Gets called to produce the Lucene query for a project

Parameters:
project - The project for which to construct a query
searcher - The user who is searching to add to the query
Returns:
A BooleanQuery with the project and searcher terms

getQueryForSecurityLevel

protected org.apache.lucene.search.BooleanQuery getQueryForSecurityLevel(org.ofbiz.core.entity.GenericValue issueSecurity,
                                                                         User searcher)
Produces a Lucene query for a given issue security type such that documents match the query only when the given user is defined for the issue by this custom field in the given security.

Parameters:
issueSecurity - the security defined by this IssueFieldSecurityType instance.
searcher - the user.
Returns:
a query to constrain to the given issue security for the given user or null if user is null.

hasPermission

public boolean hasPermission(org.ofbiz.core.entity.GenericValue entity,
                             String argument)
Description copied from interface: SchemeType
Interface for determining if a permission type has the permission.

This method is called if there is no Remote User (ie anonymous)

Parameters:
entity - This is the issue or the project that the security is being checked for
argument - If this particular SchemeType has been configured with a parameter, then this parameter is passed (eg. Group Name for GroupDropdown)
Returns:
true if anonymous Users have this permission.

hasPermission

public boolean hasPermission(org.ofbiz.core.entity.GenericValue entity,
                             String argument,
                             User user,
                             boolean issueCreation)
Decides if the given User has permission to see the given issue or project. If the user is null they can never have the permission so false is returned. If the entity is a Project the permission is always true as report and assignee have no context in a project only on the issues with the project It the entity is an Issue check if the user is in the relevent field in the issue

Parameters:
entity - The Generic Value. Shoule be an Issue
argument - Not needed for this implementation
user - User to check the permission on. If it is null then the check is made on the current user
issueCreation - NFI
Returns:
true if the user is the current assignee otherwise false
See Also:
hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), ProjectLead.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), SingleUser.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), GroupDropdown.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String)

hasIssuePermission

protected boolean hasIssuePermission(User user,
                                     boolean issueCreation,
                                     org.ofbiz.core.entity.GenericValue issueGv,
                                     String argument)
Defines whether the given user has permission to see the given issue.

Parameters:
user - the User for whom permission is being determined.
issueCreation - not used.
issueGv - the issue.
argument - a parameter to be optionally used by overriders.
Returns:
true only if the User has permission to see the issue, false if issueGv is not an issue.

hasProjectPermission

protected abstract boolean hasProjectPermission(User user,
                                                boolean issueCreation,
                                                org.ofbiz.core.entity.GenericValue project)

getField

protected abstract String getField()

getUsers

public Set getUsers(PermissionContext ctx,
                    String argument)
Description copied from interface: SecurityType
Returns a list of Users represented by a security type instance. The collection must not contain any nulls.

Parameters:
ctx - The current issue and project
argument - Instance value, eg. a group name, user name, custom field id
Returns:
A set of Users.


Copyright © 2002-2008 Atlassian. All Rights Reserved.