com.atlassian.jira.security
Interface GlobalPermissionManager

All Known Implementing Classes:
DefaultGlobalPermissionManager

public interface GlobalPermissionManager

Use this manager to add/remove or check the following global permissions.

Global permissions are:

For all other project specific permissions use PermissionManager.

To check programmatically if a permission is global use Permissions.isGlobalPermission(int).


Method Summary
 boolean addPermission(int permissionType, String group)
          Grants a user group a global permission.
 Collection<String> getGroupNames(int permissionId)
          Retrieve all the group names with this permission.
 Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(int permissionId)
          Retrieve all the groups with this permission.
 Collection<JiraPermission> getPermissions(int permissionType)
          Retrieve a list of user groups which have been granted a specified permission.
 boolean hasPermission(int permissionType)
          Check if a global permission is granted for an anonymous user.
 boolean hasPermission(int permissionType, com.atlassian.crowd.embedded.api.User u)
          Check if a global permission for one of the users groups exists.
 boolean removePermission(int permissionType, String group)
          Revokes a global permission for a user group
 boolean removePermissions(String group)
          Revoke all global permissions for a user group.
 

Method Detail

addPermission

boolean addPermission(int permissionType,
                      String group)
                      throws CreateException
Grants a user group a global permission.

Parameters:
permissionType - the global permission.
group - the name of the group. Null means "anyone" group. The JIRA use permission cannot be granted to anyone.
Returns:
true if the permission was added
Throws:
CreateException - if the permission creation fails

getPermissions

Collection<JiraPermission> getPermissions(int permissionType)
Retrieve a list of user groups which have been granted a specified permission. The returned JiraPermission contains a reference to the user group. JiraPermission.getScheme() is always NULL, because Global permission are not configured using schemes. JiraPermission.getType() will always return "group", because global permissions can only be granted to groups.

Parameters:
permissionType - The permission. Must be a global permission.
Returns:
Collection of JiraPermission.getPermType(), must never return null.

removePermission

boolean removePermission(int permissionType,
                         String group)
                         throws RemoveException
Revokes a global permission for a user group

Parameters:
permissionType - the global permission.
group - the group name. NULL means the anyone group.
Returns:
true if the permission was revoked, false if not (e.g. the group does not have this permission)
Throws:
RemoveException - if the permission removal fails

removePermissions

boolean removePermissions(String group)
                          throws RemoveException
Revoke all global permissions for a user group.

Parameters:
group - cannot NOT be null and the group must exist.
Returns:
true, if this group does not have any global permissions
Throws:
RemoveException - if the permission removal fails

hasPermission

boolean hasPermission(int permissionType)
Check if a global permission is granted for an anonymous user.

If the permission is Permissions.ADMINISTER and the lookup is false then the same query will be executed for the Permissions.SYSTEM_ADMIN permission type, since it is implied that having a Permissions.SYSTEM_ADMIN permission grants Permissions.ADMINISTER rights.

Note: Use hasPermission(int, User) method is you have the user object, i.e. user is not anonymous.

If you are using this method directly, consider using PermissionManager.hasPermission(int, User) instead as it handles logged in and anonymous users as well.

Parameters:
permissionType - must be global permission
Returns:
true the anonymous user has the permission of given type, false otherwise
See Also:
hasPermission(int, User)

hasPermission

boolean hasPermission(int permissionType,
                      com.atlassian.crowd.embedded.api.User u)
Check if a global permission for one of the users groups exists.

If the permission type is Permissions.ADMINISTER and the lookup is false then the same query will be executed for the Permissions.SYSTEM_ADMIN permission type, since it is implied that having a Permissions.SYSTEM_ADMIN permission grants Permissions.ADMINISTER rights.

Note: Use hasPermission(int) method is you do not have the user object, i.e. user is anonymous.

If you are using this method directly, consider using PermissionManager.hasPermission(int, User) instead as it handles logged in and anonymous users as well.

Parameters:
permissionType - must be a global permission
u - must not be null
Returns:
true if the given user has the permission of given type, otherwise false
See Also:
hasPermission(int), PermissionManager.hasPermission(int, User)

getGroupsWithPermission

Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(int permissionId)
Retrieve all the groups with this permission. Only groups directly associated with the permission will be returned.

Parameters:
permissionId - must be a global permission
Returns:
a Collection of Group's, will never be null.

getGroupNames

Collection<String> getGroupNames(int permissionId)
Retrieve all the group names with this permission. Only group names directly associated with the permission will be returned.

Parameters:
permissionId - must be a global permission
Returns:
a Collection of String, group names, will never be null.


Copyright © 2002-2013 Atlassian. All Rights Reserved.