com.atlassian.jira.security.type
Class AbstractIssueFieldSecurityType

java.lang.Object
  com.atlassian.jira.security.type.AbstractSecurityType
      com.atlassian.jira.security.type.AbstractIssueFieldSecurityType

All Implemented Interfaces:

SchemeType, SecurityType

Direct Known Subclasses:

GroupCF, SimpleIssueFieldSecurityType, UserCF

public abstract class AbstractIssueFieldSecurityType
extends AbstractSecurityType

Constructor Summary

AbstractIssueFieldSecurityType()

Method Summary

protected abstract String	getFieldName()
org.apache.lucene.search.Query	getQuery(com.atlassian.crowd.embedded.api.User searcher, org.ofbiz.core.entity.GenericValue entity, String parameter)
org.apache.lucene.search.Query	getQuery(com.atlassian.crowd.embedded.api.User searcher, Project project, org.ofbiz.core.entity.GenericValue securityLevel, String parameter) Returns a query based on security level and the project passed in.
protected org.apache.lucene.search.BooleanQuery	getQueryForProject(org.ofbiz.core.entity.GenericValue project, com.atlassian.crowd.embedded.api.User searcher) Gets called to produce the Lucene query for a project
protected org.apache.lucene.search.BooleanQuery	getQueryForSecurityLevel(org.ofbiz.core.entity.GenericValue issueSecurity, com.atlassian.crowd.embedded.api.User searcher) Produces a Lucene query for a given issue security type such that documents match the query only when the given user is defined for the issue by this custom field in the given security.
Set<com.atlassian.crowd.embedded.api.User>	getUsers(PermissionContext ctx, String argument) Returns a list of Users represented by a security type instance.
protected abstract boolean	hasIssuePermission(com.atlassian.crowd.embedded.api.User user, boolean issueCreation, org.ofbiz.core.entity.GenericValue issueGv, String argument)
boolean	hasPermission(org.ofbiz.core.entity.GenericValue entity, String argument) Interface for determining if a permission type has the permission.
boolean	hasPermission(org.ofbiz.core.entity.GenericValue entity, String argument, com.atlassian.crowd.embedded.api.User user, boolean issueCreation) Decides if the given User has permission to see the given issue or project.
protected abstract boolean	hasProjectPermission(com.atlassian.crowd.embedded.api.User user, boolean issueCreation, org.ofbiz.core.entity.GenericValue project)

Methods inherited from class com.atlassian.jira.security.type.AbstractSecurityType

getArgumentDisplay, isValidForPermission

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.atlassian.jira.scheme.SchemeType

doValidation, getDisplayName, getType

Constructor Detail

AbstractIssueFieldSecurityType

public AbstractIssueFieldSecurityType()

Method Detail

getFieldName

protected abstract String getFieldName()

getQuery

public org.apache.lucene.search.Query getQuery(com.atlassian.crowd.embedded.api.User searcher,
                                               org.ofbiz.core.entity.GenericValue entity,
                                               String parameter)

getQuery

public org.apache.lucene.search.Query getQuery(com.atlassian.crowd.embedded.api.User searcher,
                                               Project project,
                                               org.ofbiz.core.entity.GenericValue securityLevel,
                                               String parameter)

Description copied from interface: SecurityType

Returns a query based on security level and the project passed in. This may be required in particular for role based issue security levels. (see JRA-12739)

Parameters:

searcher - The searcher conducting the search

project - The project for which we're constructing a query

securityLevel - The security level for which we are constructing the query

parameter - Parameter identifying user related field (reporter, assignee, etc)

Returns:

A lucene permissions query

getQueryForProject

protected org.apache.lucene.search.BooleanQuery getQueryForProject(org.ofbiz.core.entity.GenericValue project,
                                                                   com.atlassian.crowd.embedded.api.User searcher)

Gets called to produce the Lucene query for a project

Parameters:

project - The project for which to construct a query

searcher - The user who is searching to add to the query

Returns:

A BooleanQuery with the project and searcher terms

getQueryForSecurityLevel

protected org.apache.lucene.search.BooleanQuery getQueryForSecurityLevel(org.ofbiz.core.entity.GenericValue issueSecurity,
                                                                         com.atlassian.crowd.embedded.api.User searcher)

Produces a Lucene query for a given issue security type such that documents match the query only when the given user is defined for the issue by this custom field in the given security.

Parameters:

issueSecurity - the security defined by this IssueFieldSecurityType instance.

searcher - the user.

Returns:

a query to constrain to the given issue security for the given user or null if user is null.

hasPermission

public boolean hasPermission(org.ofbiz.core.entity.GenericValue entity,
                             String argument)

Description copied from interface: SchemeType

Interface for determining if a permission type has the permission.

This method is called if there is no Remote User (ie anonymous)

Parameters:

entity - This is the issue or the project that the security is being checked for

argument - If this particular SchemeType has been configured with a parameter, then this parameter is passed (eg. Group Name for GroupDropdown)

Returns:

true if anonymous Users have this permission.

hasPermission

public boolean hasPermission(org.ofbiz.core.entity.GenericValue entity,
                             String argument,
                             com.atlassian.crowd.embedded.api.User user,
                             boolean issueCreation)

Decides if the given User has permission to see the given issue or project. If the user is null they can never have the permission so false is returned. If the entity is a Project the permission is always true as report and assignee have no context in a project only on the issues with the project It the entity is an Issue check if the user is in the relevent field in the issue

Parameters:

entity - The Generic Value. Shoule be an Issue

argument - Not needed for this implementation

user - User to check the permission on. If it is null then the check is made on the current user

issueCreation - NFI

Returns:

true if the user is the current assignee otherwise false

See Also:

hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), ProjectLead.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), SingleUser.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String), GroupDropdown.hasPermission(org.ofbiz.core.entity.GenericValue, java.lang.String)

hasIssuePermission

protected abstract boolean hasIssuePermission(com.atlassian.crowd.embedded.api.User user,
                                              boolean issueCreation,
                                              org.ofbiz.core.entity.GenericValue issueGv,
                                              String argument)

hasProjectPermission

protected abstract boolean hasProjectPermission(com.atlassian.crowd.embedded.api.User user,
                                                boolean issueCreation,
                                                org.ofbiz.core.entity.GenericValue project)

getUsers

public Set<com.atlassian.crowd.embedded.api.User> getUsers(PermissionContext ctx,
                                                           String argument)

Description copied from interface: SecurityType

Returns a list of Users represented by a security type instance. The collection must not contain any nulls.

Parameters:

ctx - The current issue and project

argument - Instance value, eg. a group name, user name, custom field id

Returns:

A set of Users.