com.atlassian.jira.dev.reference.plugin.security.auth
Class ReferenceAuthorisation

java.lang.Object
  com.atlassian.jira.dev.reference.plugin.security.auth.ReferenceAuthorisation

All Implemented Interfaces:

Authorisation

public class ReferenceAuthorisation
extends Object
implements Authorisation

Nested Class Summary

Nested classes/interfaces inherited from interface com.atlassian.jira.security.auth.Authorisation

Authorisation.Decision

Constructor Summary

ReferenceAuthorisation()

Method Summary

Authorisation.Decision	authoriseForLogin(com.atlassian.crowd.embedded.api.User user, javax.servlet.http.HttpServletRequest httpServletRequest) Called to ask whether a user is authorised to perform the given request when trying to login and estblish a new session with JIRA.
Authorisation.Decision	authoriseForRole(com.atlassian.crowd.embedded.api.User user, javax.servlet.http.HttpServletRequest httpServletRequest, String role) This is called by the security layers to ask whether a user is authorised to perform the given request with the provided role string.
Set<String>	getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest) This is called by the security layers to get a set of role strings that are required for this request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ReferenceAuthorisation

public ReferenceAuthorisation()

Method Detail

authoriseForLogin

public Authorisation.Decision authoriseForLogin(@Nonnull
                                                com.atlassian.crowd.embedded.api.User user,
                                                javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: Authorisation

Called to ask whether a user is authorised to perform the given request when trying to login and estblish a new session with JIRA.

At this stage the user has been authenticated by not authorised to login.

Specified by:

authoriseForLogin in interface Authorisation

Parameters:

user - a non null user that has been authenticated

httpServletRequest - the request in play

Returns:

a decision on authorisation

getRequiredRoles

public Set<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: Authorisation

This is called by the security layers to get a set of role strings that are required for this request. Once a user has been set into the authentication context then Authorisation.authoriseForRole(com.atlassian.crowd.embedded.api.User, javax.servlet.http.HttpServletRequest, String) will be called to decide if they are in fact authorised to execute this request. NOTE : If you give off a role MUST answer when you are called back via Authorisation.authoriseForRole(com.atlassian.crowd.embedded.api.User, javax.servlet.http.HttpServletRequest, String).

Specified by:

getRequiredRoles in interface Authorisation

Parameters:

httpServletRequest - the request in play

Returns:

a decision on authorisation

authoriseForRole

public Authorisation.Decision authoriseForRole(@Nullable
                                               com.atlassian.crowd.embedded.api.User user,
                                               javax.servlet.http.HttpServletRequest httpServletRequest,
                                               String role)

Description copied from interface: Authorisation

This is called by the security layers to ask whether a user is authorised to perform the given request with the provided role string.

You may be called with role strings that you did not give out. In this case you should ABSTAIN from a decision.

Specified by:

authoriseForRole in interface Authorisation

Parameters:

user - a user that may be null

httpServletRequest - the request in play

Returns:

a decision on authorisation