Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.jira.security
Class DefaultGlobalPermissionManager

java.lang.Object
  extended by com.atlassian.jira.security.DefaultGlobalPermissionManager
All Implemented Interfaces:
GlobalPermissionManager
public class DefaultGlobalPermissionManager
extends Object
implements GlobalPermissionManager

Constructor Summary
DefaultGlobalPermissionManager(com.atlassian.crowd.embedded.api.CrowdService crowdService, OfBizDelegator ofBizDelegator, com.atlassian.event.api.EventPublisher eventPublisher, GlobalPermissionTypesManager globalPermissionTypesManager, com.atlassian.cache.CacheManager cacheManager)
           
 
Method Summary
 boolean addPermission(GlobalPermissionType globalPermissionType, String group)
          Grants a user group a global permission.
 boolean addPermission(int permissionId, String group)
          Adds a global permission
 void clearCache()
           
 Collection<GlobalPermissionType> getAllGlobalPermissions()
           
 com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(GlobalPermissionKey permissionKey)
          Returns the global permission details for the given permission key.
 com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(int permissionId)
           
 com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(String permissionKey)
          Returns a global permission matching the specified key.
 Collection<String> getGroupNames(GlobalPermissionType globalPermissionType)
          Retrieve all the group names with this permission.
 Collection<String> getGroupNames(int permissionId)
          Retrieve all the group names with this permission.
 Collection<String> getGroupNamesWithPermission(GlobalPermissionKey permissionKey)
          Retrieve all the group names with this permission.
 Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(GlobalPermissionKey permissionKey)
          Retrieve all the groups with the given permission.
 Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(GlobalPermissionType globalPermissionType)
          Retrieve all the groups with this permission.
 Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(int permissionId)
          Retrieve all the groups with this permission.
 Collection<GlobalPermissionEntry> getPermissions(GlobalPermissionKey globalPermissionKey)
          Retrieve a list of user groups which have been granted the specified permission.
 Collection<GlobalPermissionEntry> getPermissions(GlobalPermissionType globalPermissionType)
          Retrieve a list of user groups which have been granted a specified permission.
 Collection<JiraPermission> getPermissions(int permissionType)
          Retrieve a list of user groups which have been granted a specified permission.
protected  boolean hasPermission(GlobalPermissionEntry permissionEntry)
           
 boolean hasPermission(GlobalPermissionKey globalPermissionKey, ApplicationUser user)
          Check if the given user has the given Global Permission.
 boolean hasPermission(GlobalPermissionType globalPermissionType)
          Left in here temporarily in case it is being used by SD 2.0
 boolean hasPermission(GlobalPermissionType globalPermissionType, ApplicationUser user)
          Left in here temporarily in case it is being used by SD 2.0
 boolean hasPermission(int permissionId)
          Check if a global anonymous permission exists
 boolean hasPermission(int permissionId, ApplicationUser user)
          Check if a global permission for one of the users groups exists.
 boolean hasPermission(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Check if a global permission for one of the users groups exists.
 boolean isGlobalPermission(int permissionId)
           
 void onClearCache(ClearCacheEvent event)
           
 boolean removePermission(GlobalPermissionType globalPermissionType, String group)
          Revokes a global permission for a user group
 boolean removePermission(int permissionId, String group)
          Revokes a global permission for a user group
 boolean removePermissions(String group)
          Revoke all global permissions for a user group.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultGlobalPermissionManager

public DefaultGlobalPermissionManager(com.atlassian.crowd.embedded.api.CrowdService crowdService,
                                      OfBizDelegator ofBizDelegator,
                                      com.atlassian.event.api.EventPublisher eventPublisher,
                                      GlobalPermissionTypesManager globalPermissionTypesManager,
                                      com.atlassian.cache.CacheManager cacheManager)
Method Detail

onClearCache

@EventListener
public void onClearCache(ClearCacheEvent event)

getAllGlobalPermissions

public Collection<GlobalPermissionType> getAllGlobalPermissions()
Specified by:
getAllGlobalPermissions in interface GlobalPermissionManager
Returns:
the collection with all global permissions. This includes all the systems global permissions and all the plugin global permissions.

getGlobalPermission

public com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(int permissionId)
Specified by:
getGlobalPermission in interface GlobalPermissionManager
Parameters:
permissionId - id of the permission.
Returns:
a global permission (system and pluggable) for the given permission id.

getGlobalPermission

public com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(@Nonnull
                                                                            String permissionKey)
Description copied from interface: GlobalPermissionManager
Returns a global permission matching the specified key.

Specified by:
getGlobalPermission in interface GlobalPermissionManager
Parameters:
permissionKey - the key of the permission declared by global permission module.
Returns:
a global permission for the given permission key.

getGlobalPermission

public com.atlassian.fugue.Option<GlobalPermissionType> getGlobalPermission(@Nonnull
                                                                            GlobalPermissionKey permissionKey)
Description copied from interface: GlobalPermissionManager
Returns the global permission details for the given permission key.

Specified by:
getGlobalPermission in interface GlobalPermissionManager
Parameters:
permissionKey - the global permission key
Returns:
the global permission details for the given permission key.

addPermission

public boolean addPermission(int permissionId,
                             String group)
Adds a global permission

Specified by:
addPermission in interface GlobalPermissionManager
Parameters:
permissionId - must be a global permission type
group - can be null if it is anyone permission
Returns:
True if the permission was added

addPermission

public boolean addPermission(GlobalPermissionType globalPermissionType,
                             String group)
Description copied from interface: GlobalPermissionManager
Grants a user group a global permission.

Specified by:
addPermission in interface GlobalPermissionManager
Parameters:
globalPermissionType - global permission, must not be null.
group - the name of the group. Null means "anyone" group. The JIRA use, admin and sysadmin permission cannot be granted to anyone.
Returns:
true if permission was added.

getPermissions

public Collection<JiraPermission> getPermissions(int permissionType)
Description copied from interface: GlobalPermissionManager
Retrieve a list of user groups which have been granted a specified permission. The returned JiraPermission contains a reference to the user group. JiraPermission.getScheme() is always NULL, because Global permission are not configured using schemes. JiraPermission.getType() will always return "group", because global permissions can only be granted to groups.

Specified by:
getPermissions in interface GlobalPermissionManager
Parameters:
permissionType - The key of pluggable global permission. Must be a global permission.
Returns:
Collection of JiraPermission.getPermType(), must never return null.

getPermissions

public Collection<GlobalPermissionEntry> getPermissions(GlobalPermissionType globalPermissionType)
Description copied from interface: GlobalPermissionManager
Retrieve a list of user groups which have been granted a specified permission. The returned JiraPermission contains a reference to the user group. JiraPermission.getScheme() is always NULL, because Global permission are not configured using schemes. JiraPermission.getType() will always return "group", because global permissions can only be granted to groups.

Specified by:
getPermissions in interface GlobalPermissionManager
Parameters:
globalPermissionType - global permission, must not be null.
Returns:
Collection of JiraPermission.getPermType(), must never return null.

getPermissions

@Nonnull
public Collection<GlobalPermissionEntry> getPermissions(@Nonnull
                                                                GlobalPermissionKey globalPermissionKey)
Description copied from interface: GlobalPermissionManager
Retrieve a list of user groups which have been granted the specified permission.

The returned GlobalPermissionEntry contains a reference to the user group.

Specified by:
getPermissions in interface GlobalPermissionManager
Parameters:
globalPermissionKey - global permission, must not be null.
Returns:
Collection of GlobalPermissionEntry, never null.

removePermission

public boolean removePermission(int permissionId,
                                String group)
Description copied from interface: GlobalPermissionManager
Revokes a global permission for a user group

Specified by:
removePermission in interface GlobalPermissionManager
Parameters:
permissionId - the global permission.
group - the group name. NULL means the anyone group.
Returns:
true if the permission was revoked, false if not (e.g. the group does not have this permission)

removePermission

public boolean removePermission(GlobalPermissionType globalPermissionType,
                                String group)
Description copied from interface: GlobalPermissionManager
Revokes a global permission for a user group

Specified by:
removePermission in interface GlobalPermissionManager
Parameters:
globalPermissionType - global permission, must not be null.
group - the group name. NULL means the anyone group.
Returns:
true if the permission was revoked, false if not (e.g. the group does not have this permission)

removePermissions

public boolean removePermissions(String group)
Description copied from interface: GlobalPermissionManager
Revoke all global permissions for a user group.

Specified by:
removePermissions in interface GlobalPermissionManager
Parameters:
group - cannot NOT be null and the group must exist.
Returns:
true, if this group does not have any global permissions

hasPermission

public boolean hasPermission(int permissionId)
Check if a global anonymous permission exists

Specified by:
hasPermission in interface GlobalPermissionManager
Parameters:
permissionId - must be global permission
Returns:
true the anonymous user has the permission of given type, false otherwise
See Also:
GlobalPermissionManager.hasPermission(int, User)

hasPermission

public boolean hasPermission(@Nonnull
                             GlobalPermissionType globalPermissionType)
Description copied from interface: GlobalPermissionManager
Left in here temporarily in case it is being used by SD 2.0

Specified by:
hasPermission in interface GlobalPermissionManager

hasPermission

public boolean hasPermission(int permissionId,
                             com.atlassian.crowd.embedded.api.User user)
Description copied from interface: GlobalPermissionManager
Check if a global permission for one of the users groups exists.

If the permission type is Permissions.ADMINISTER and the lookup is false then the same query will be executed for the Permissions.SYSTEM_ADMIN permission type, since it is implied that having a Permissions.SYSTEM_ADMIN permission grants Permissions.ADMINISTER rights.

Note: Use GlobalPermissionManager.hasPermission(int) method is you do not have the user object, i.e. user is anonymous.

If you are using this method directly, consider using PermissionManager.hasPermission(int, User) instead as it handles logged in and anonymous users as well.

Specified by:
hasPermission in interface GlobalPermissionManager
Parameters:
permissionId - must be a global permission
user - must not be null
Returns:
true if the given user has the permission of given type, otherwise false
See Also:
GlobalPermissionManager.hasPermission(int), PermissionManager.hasPermission(int, User)

hasPermission

public boolean hasPermission(int permissionId,
                             ApplicationUser user)
Description copied from interface: GlobalPermissionManager
Check if a global permission for one of the users groups exists.

If the permission type is Permissions.ADMINISTER and the lookup is false then the same query will be executed for the Permissions.SYSTEM_ADMIN permission type, since it is implied that having a Permissions.SYSTEM_ADMIN permission grants Permissions.ADMINISTER rights.

Note: Use GlobalPermissionManager.hasPermission(int) method is you do not have the user object, i.e. user is anonymous.

If you are using this method directly, consider using PermissionManager.hasPermission(int, User) instead as it handles logged in and anonymous users as well.

Specified by:
hasPermission in interface GlobalPermissionManager
Parameters:
permissionId - must be a global permission
user - must not be null
Returns:
true if the given user has the permission of given type, otherwise false
See Also:
GlobalPermissionManager.hasPermission(int), PermissionManager.hasPermission(int, User)

hasPermission

public boolean hasPermission(@Nonnull
                             GlobalPermissionKey globalPermissionKey,
                             @Nullable
                             ApplicationUser user)
Description copied from interface: GlobalPermissionManager
Check if the given user has the given Global Permission.

If the permission type is Permissions.ADMINISTER and the lookup is false then the same query will be executed for the Permissions.SYSTEM_ADMIN permission type, since it is implied that having a Permissions.SYSTEM_ADMIN permission grants Permissions.ADMINISTER rights.

Specified by:
hasPermission in interface GlobalPermissionManager
Parameters:
globalPermissionKey - global permission, must not be null.
user - The user - can be null indicating "anonymous"
Returns:
true if the given user has the permission of given type, otherwise false.

hasPermission

public boolean hasPermission(@Nonnull
                             GlobalPermissionType globalPermissionType,
                             @Nullable
                             ApplicationUser user)
Description copied from interface: GlobalPermissionManager
Left in here temporarily in case it is being used by SD 2.0

Specified by:
hasPermission in interface GlobalPermissionManager

getGroupsWithPermission

public Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(int permissionId)
Description copied from interface: GlobalPermissionManager
Retrieve all the groups with this permission. Only groups directly associated with the permission will be returned.

Specified by:
getGroupsWithPermission in interface GlobalPermissionManager
Parameters:
permissionId - must be a global permission
Returns:
a Collection of Group's, will never be null.

getGroupsWithPermission

public Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(@Nonnull
                                                                                  GlobalPermissionType globalPermissionType)
Description copied from interface: GlobalPermissionManager
Retrieve all the groups with this permission. Only groups directly associated with the permission will be returned.

Specified by:
getGroupsWithPermission in interface GlobalPermissionManager
Parameters:
globalPermissionType - global permission, must not be null.
Returns:
a Collection of Group's, will never be null.

getGroupsWithPermission

@Nonnull
public Collection<com.atlassian.crowd.embedded.api.Group> getGroupsWithPermission(@Nonnull
                                                                                          GlobalPermissionKey permissionKey)
Description copied from interface: GlobalPermissionManager
Retrieve all the groups with the given permission.

Only groups directly associated with the permission will be returned.

Specified by:
getGroupsWithPermission in interface GlobalPermissionManager
Parameters:
permissionKey - global permission, must not be null.
Returns:
a Collection of Group's, will never be null.

getGroupNames

public Collection<String> getGroupNames(int permissionId)
Description copied from interface: GlobalPermissionManager
Retrieve all the group names with this permission. Only group names directly associated with the permission will be returned.

Specified by:
getGroupNames in interface GlobalPermissionManager
Parameters:
permissionId - must be a global permission
Returns:
a Collection of String, group names, will never be null.

getGroupNames

public Collection<String> getGroupNames(@Nonnull
                                        GlobalPermissionType globalPermissionType)
Description copied from interface: GlobalPermissionManager
Retrieve all the group names with this permission. Only group names directly associated with the permission will be returned.

Specified by:
getGroupNames in interface GlobalPermissionManager
Parameters:
globalPermissionType - global permission, must not be null.
Returns:
a Collection of String, group names, will never be null.

getGroupNamesWithPermission

@Nonnull
public Collection<String> getGroupNamesWithPermission(@Nonnull
                                                              GlobalPermissionKey permissionKey)
Description copied from interface: GlobalPermissionManager
Retrieve all the group names with this permission. Only group names directly associated with the permission will be returned.

Specified by:
getGroupNamesWithPermission in interface GlobalPermissionManager
Parameters:
permissionKey - global permission, must not be null.
Returns:
a Collection of String, group names, will never be null.

isGlobalPermission

public boolean isGlobalPermission(int permissionId)
Specified by:
isGlobalPermission in interface GlobalPermissionManager
Parameters:
permissionId - id of the permission to check.
Returns:
true if provided id is the id of a global permission.

clearCache

public void clearCache()
Specified by:
clearCache in interface GlobalPermissionManager

hasPermission

protected boolean hasPermission(GlobalPermissionEntry permissionEntry)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2002-2014 Atlassian. All Rights Reserved.