com.atlassian.jira.security
Interface PermissionManager

All Superinterfaces:
JiraManager
All Known Implementing Classes:
AbstractPermissionManager, DefaultPermissionManager, SubvertedPermissionManager, ThreadLocalCachingPermissionManager, WorkflowBasedPermissionManager

@PublicApi
public interface PermissionManager
extends JiraManager

PermissionManager responsible for all project specific permissions.

See JIRA Permissions.

For all global Permissions it is recommended to use GlobalPermissionManager.


Method Summary
 void addPermission(int permissionsId, org.ofbiz.core.entity.GenericValue scheme, String parameter, String securityType)
          Grants a permission to the system.
 Collection<com.atlassian.crowd.embedded.api.Group> getAllGroups(int permissionId, Project project)
          Retrieve all groups that are used in the permission globally and in the project.
 Collection<Project> getProjectObjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Retrieve a list of project objects this user has the permission for
 Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Deprecated. Please use getProjectObjects(int, com.atlassian.crowd.embedded.api.User). Since v4.3
 Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user, org.ofbiz.core.entity.GenericValue category)
          Deprecated. Use getProjects(int, User, ProjectCategory) instead. Since v5.0.
 Collection<Project> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user, ProjectCategory projectCategory)
          Returns the list of projects associated with the specified category, that this user has the permissions for.
 boolean hasPermission(int permissionsId, org.ofbiz.core.entity.GenericValue entity, com.atlassian.crowd.embedded.api.User u)
          Deprecated. use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User) for Projects since JIRA 3.11
 boolean hasPermission(int permissionsId, org.ofbiz.core.entity.GenericValue project, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
          Deprecated. use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User, boolean) for Projects since 3.11
 boolean hasPermission(int permissionsId, Issue issue, com.atlassian.crowd.embedded.api.User user)
          Checks to see if this user has permission to see the specified issue.
 boolean hasPermission(int permissionsId, Project project, com.atlassian.crowd.embedded.api.User user)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, Project project, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, com.atlassian.crowd.embedded.api.User user)
          Checks to see if this user has the specified permission.
 boolean hasProjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Can this user see at least one project with this permission
 void removeGroupPermissions(String group)
          Remove all permissions that have used this group
 void removeUserPermissions(String username)
          Remove all permissions that have used this username
 

Method Detail

addPermission

void addPermission(int permissionsId,
                   org.ofbiz.core.entity.GenericValue scheme,
                   String parameter,
                   String securityType)
                   throws CreateException
Grants a permission to the system.

Parameters:
permissionsId - Permissions value. E.g. See Permissions.ADMINISTER
scheme - If null permission is global otherwise it is added to the scheme
parameter - Used for e.g. group name
securityType - e.g. GroupDropdown.DESC
Throws:
CreateException - if permission creation fails

hasPermission

boolean hasPermission(int permissionsId,
                      com.atlassian.crowd.embedded.api.User user)
Checks to see if this user has the specified permission. It will check only global permissions as there are no other permissions to check.

Parameters:
permissionsId - permission id
user - user, can be null - anonymous user
Returns:
true if user is granted given permission, false otherwise
See Also:
GlobalPermissionManager.hasPermission(int, User)

hasPermission

boolean hasPermission(int permissionsId,
                      org.ofbiz.core.entity.GenericValue entity,
                      com.atlassian.crowd.embedded.api.User u)
Deprecated. use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User) for Projects since JIRA 3.11

Checks to see if this has permission to see the specified entity. Check Permissions scheme(s) if the entity is project. Check Permissions scheme(s) and issue level security scheme(s) if the entity is an issue.

Parameters:
permissionsId - Not a global permission
entity - Not null. Must be either an issue or project.
u - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied
Throws:
IllegalArgumentException - If the entity supplied is NOT an issue or project.

hasPermission

boolean hasPermission(int permissionsId,
                      Issue issue,
                      com.atlassian.crowd.embedded.api.User user)
Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Parameters:
permissionsId - Not a global permission
issue - The Issue (cannot be null)
user - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

boolean hasPermission(int permissionsId,
                      Project project,
                      com.atlassian.crowd.embedded.api.User user)
Checks whether the specified user has a specified permission within the context of a specified project.

Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

boolean hasPermission(int permissionsId,
                      Project project,
                      com.atlassian.crowd.embedded.api.User user,
                      boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.

Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
issueCreation - Whether this permission is being checked during issue creation
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

boolean hasPermission(int permissionsId,
                      org.ofbiz.core.entity.GenericValue project,
                      com.atlassian.crowd.embedded.api.User user,
                      boolean issueCreation)
Deprecated. use hasPermission(int, Issue, User) for Issues or hasPermission(int, Project, User, boolean) for Projects since 3.11

Does the same as hasPermission(int,org.ofbiz.core.entity.GenericValue,User) except the entity is a project GenericValue.

Parameters:
permissionsId - Not a global permission
project - Not null.
user - User object, possibly null if JIRA is accessed anonymously
issueCreation - Whether this permission is being checked during issue creation
Returns:
True if there are sufficient rights to access the entity supplied

removeGroupPermissions

void removeGroupPermissions(String group)
                            throws RemoveException
Remove all permissions that have used this group

Parameters:
group - The name of the group that needs to be removed, must NOT be null and must be a real group
Throws:
RemoveException - if permission removal fails

removeUserPermissions

void removeUserPermissions(String username)
                           throws RemoveException
Remove all permissions that have used this username

Parameters:
username - username of the user whose permissions are to be removed
Throws:
RemoveException - if permission removal fails

hasProjects

boolean hasProjects(int permissionId,
                    com.atlassian.crowd.embedded.api.User user)
Can this user see at least one project with this permission

Parameters:
permissionId - must NOT be a global permission
user - user being checked
Returns:
true the given user can see at least one project with the given permission, false otherwise

getProjects

Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId,
                                                           com.atlassian.crowd.embedded.api.User user)
Deprecated. Please use getProjectObjects(int, com.atlassian.crowd.embedded.api.User). Since v4.3

Retrieve a list of projects this user has the permission for

Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
a collection of GenericValue objects

getProjectObjects

Collection<Project> getProjectObjects(int permissionId,
                                      com.atlassian.crowd.embedded.api.User user)
Retrieve a list of project objects this user has the permission for

Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
a collection of Project objects

getProjects

Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId,
                                                           com.atlassian.crowd.embedded.api.User user,
                                                           org.ofbiz.core.entity.GenericValue category)
Deprecated. Use getProjects(int, User, ProjectCategory) instead. Since v5.0.

Retrieve a list of projects associated with the specified category, that this user has the permissions for

Parameters:
permissionId - permission id
user - user
category - GenericValue representing category
Returns:
a collection of GenericValue objects

getProjects

Collection<Project> getProjects(int permissionId,
                                com.atlassian.crowd.embedded.api.User user,
                                ProjectCategory projectCategory)
Returns the list of projects associated with the specified category, that this user has the permissions for.

Parameters:
permissionId - permission id
user - user
projectCategory - the ProjectCategory
Returns:
the list of projects associated with the specified category, that this user has the permissions for.

getAllGroups

Collection<com.atlassian.crowd.embedded.api.Group> getAllGroups(int permissionId,
                                                                Project project)
Retrieve all groups that are used in the permission globally and in the project.

Parameters:
permissionId - permission id
project - project from which to retrieve groups
Returns:
a collection of Groups


Copyright © 2002-2012 Atlassian. All Rights Reserved.