com.atlassian.jira.security
Class DefaultPermissionManager

java.lang.Object
  extended by com.atlassian.jira.security.DefaultPermissionManager
All Implemented Interfaces:
JiraManager, PermissionManager
Direct Known Subclasses:
MockPermissionManager, WorkflowBasedPermissionManager

public class DefaultPermissionManager
extends Object
implements PermissionManager

An abstract PermissionManager that implements a lot of the common functionality to all PermissionManagers.


Constructor Summary
DefaultPermissionManager(ProjectPermissionTypesManager projectPermissionTypesManager)
           
 
Method Summary
 void addPermission(int permissionsId, org.ofbiz.core.entity.GenericValue scheme, String parameter, String securityType)
          Adds a permission to the system
protected  boolean doEntityPermissionCheck(ProjectPermissionKey permissionKey, org.ofbiz.core.entity.GenericValue entity, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
           
 Collection<com.atlassian.crowd.embedded.api.Group> getAllGroups(int permissionId, Project project)
          Retrieve all groups that are used in the permission globally and in the project.
 Collection<ProjectPermission> getAllProjectPermissions()
           
 Collection<Project> getProjectObjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Retrieve a list of project objects this user has the permission for
protected  Collection<Project> getProjectObjects(ProjectPermissionKey permissionKey, com.atlassian.crowd.embedded.api.User user)
           
 com.atlassian.fugue.Option<ProjectPermission> getProjectPermission(ProjectPermissionKey permissionKey)
          Returns a project permission matching the specified key.
 Collection<ProjectPermission> getProjectPermissions(ProjectPermissionCategory category)
           
 Collection<Project> getProjects(int permissionId, ApplicationUser user)
          Retrieve a list of project objects this user has the permission for
 Collection<Project> getProjects(int permissionId, ApplicationUser user, ProjectCategory projectCategory)
          Returns the list of projects associated with the specified category, that this user has the permissions for.
 Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Retrieve a list of projects this user has the permission for
 Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user, org.ofbiz.core.entity.GenericValue category)
          Retrieve a list of projects associated with the specified category, that this user has the permissions for
 Collection<Project> getProjects(int permissionId, com.atlassian.crowd.embedded.api.User user, ProjectCategory projectCategory)
          Returns the list of projects associated with the specified category, that this user has the permissions for.
 Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
          Retrieve a list of project objects this user has the permission for
 Collection<Project> getProjects(ProjectPermissionKey permissionKey, ApplicationUser user, ProjectCategory projectCategory)
          Returns the list of projects associated with the specified category, that this user has the permissions for.
 boolean hasPermission(int permissionsId, ApplicationUser user)
          Checks to see if this user has the specified permission.
 boolean hasPermission(int permissionId, org.ofbiz.core.entity.GenericValue projectOrIssue, com.atlassian.crowd.embedded.api.User user)
          Checks to see if this has permission to see the specified entity
Check Permissions scheme(s) if the entity is project
Check Permissions scheme(s) and issue level security scheme(s) if the entity is an issue
 boolean hasPermission(int permissionId, org.ofbiz.core.entity.GenericValue entity, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
          Does the same as PermissionManager.hasPermission(int,org.ofbiz.core.entity.GenericValue,User) except the entity is a project GenericValue.
 boolean hasPermission(int permissionsId, Issue issue, ApplicationUser user)
          Checks to see if this user has permission to see the specified issue.
 boolean hasPermission(int permissionsId, Issue issue, com.atlassian.crowd.embedded.api.User user)
          Checks to see if this user has permission to see the specified issue.
 boolean hasPermission(int permissionsId, Project project, ApplicationUser user)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, Project project, ApplicationUser user, boolean issueCreation)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, Project project, com.atlassian.crowd.embedded.api.User user)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, Project project, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(int permissionsId, com.atlassian.crowd.embedded.api.User user)
          Checks to see if this user has the specified permission
It will check only global permissions as there are no other permissions to check
protected  boolean hasPermission(ProjectPermissionKey permissionKey, org.ofbiz.core.entity.GenericValue projectOrIssue, com.atlassian.crowd.embedded.api.User user)
           
protected  boolean hasPermission(ProjectPermissionKey permissionKey, org.ofbiz.core.entity.GenericValue entity, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
           
 boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, ApplicationUser user)
          Checks to see if this user has permission to see the specified issue.
protected  boolean hasPermission(ProjectPermissionKey permissionKey, Issue issue, com.atlassian.crowd.embedded.api.User user)
           
 boolean hasPermission(ProjectPermissionKey permissionsKey, Project project, ApplicationUser user)
          Checks whether the specified user has a specified permission within the context of a specified project.
 boolean hasPermission(ProjectPermissionKey permissionsKey, Project project, ApplicationUser user, boolean issueCreation)
          Checks whether the specified user has a specified permission within the context of a specified project.
protected  boolean hasPermission(ProjectPermissionKey permissionKey, Project project, com.atlassian.crowd.embedded.api.User user)
           
protected  boolean hasPermission(ProjectPermissionKey permissionKey, Project project, com.atlassian.crowd.embedded.api.User user, boolean issueCreation)
           
 boolean hasProjects(int permissionId, ApplicationUser user)
          Can this user see at least one project with this permission
 boolean hasProjects(int permissionId, com.atlassian.crowd.embedded.api.User user)
          Can this user see at least one project with this permission
 boolean hasProjects(ProjectPermissionKey permissionKey, ApplicationUser user)
          Can this user see at least one project with this permission
protected  boolean isGlobalPermission(int permissionId)
           
 void removeGroupPermissions(String group)
          Remove all permissions that have used this group
 void removeUserPermissions(ApplicationUser user)
          Remove all permissions that have been assigned to this user
 void removeUserPermissions(String username)
          Remove all permissions that have used this username
 void setProjectPermissionTypesManager(ProjectPermissionTypesManager projectPermissionTypesManager)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DefaultPermissionManager

public DefaultPermissionManager(ProjectPermissionTypesManager projectPermissionTypesManager)
Method Detail

getAllProjectPermissions

public Collection<ProjectPermission> getAllProjectPermissions()
Specified by:
getAllProjectPermissions in interface PermissionManager
Returns:
all project permissions.

getProjectPermissions

public Collection<ProjectPermission> getProjectPermissions(ProjectPermissionCategory category)
Specified by:
getProjectPermissions in interface PermissionManager
Parameters:
category - project permission category.
Returns:
all project permissions of the specified category.

getProjectPermission

public com.atlassian.fugue.Option<ProjectPermission> getProjectPermission(@Nonnull
                                                                          ProjectPermissionKey permissionKey)
Description copied from interface: PermissionManager
Returns a project permission matching the specified key.

Specified by:
getProjectPermission in interface PermissionManager
Parameters:
permissionKey - A project permission key.
Returns:
a project permission for the given permission key. Option.none() if there is no permission with this key.

addPermission

public void addPermission(int permissionsId,
                          org.ofbiz.core.entity.GenericValue scheme,
                          String parameter,
                          String securityType)
                   throws CreateException
Adds a permission to the system

Specified by:
addPermission in interface PermissionManager
Parameters:
permissionsId - Permissions value
scheme - If null permission is global otherwise it is added to the scheme
parameter - Used for e.g. group name
securityType - e.g. GroupDropdown.DESC
Throws:
CreateException - if permission creation fails

hasPermission

public boolean hasPermission(int permissionsId,
                             com.atlassian.crowd.embedded.api.User user)
Checks to see if this user has the specified permission
It will check only global permissions as there are no other permissions to check

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - permission id
user - user
Returns:
true if user is granted given permission, false otherwise
See Also:
GlobalPermissionManager.hasPermission(int, User)

hasPermission

public boolean hasPermission(int permissionsId,
                             ApplicationUser user)
Description copied from interface: PermissionManager
Checks to see if this user has the specified permission. It will check only global permissions as there are no other permissions to check.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - permission id
user - user, can be null - anonymous user
Returns:
true if user is granted given permission, false otherwise
See Also:
GlobalPermissionManager.hasPermission(int, User)

hasPermission

public boolean hasPermission(int permissionId,
                             org.ofbiz.core.entity.GenericValue projectOrIssue,
                             com.atlassian.crowd.embedded.api.User user)
Checks to see if this has permission to see the specified entity
Check Permissions scheme(s) if the entity is project
Check Permissions scheme(s) and issue level security scheme(s) if the entity is an issue

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionId, - not a global permission
projectOrIssue - not null must be Project or Issue
user - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

protected boolean hasPermission(ProjectPermissionKey permissionKey,
                                org.ofbiz.core.entity.GenericValue projectOrIssue,
                                com.atlassian.crowd.embedded.api.User user)

hasPermission

public boolean hasPermission(int permissionsId,
                             Issue issue,
                             com.atlassian.crowd.embedded.api.User user)
Description copied from interface: PermissionManager
Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - Not a global permission
issue - The Issue (cannot be null)
user - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

protected boolean hasPermission(ProjectPermissionKey permissionKey,
                                Issue issue,
                                com.atlassian.crowd.embedded.api.User user)

hasPermission

public boolean hasPermission(int permissionsId,
                             Issue issue,
                             ApplicationUser user)
Description copied from interface: PermissionManager
Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - Not a global permission
issue - The Issue (cannot be null)
user - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

public boolean hasPermission(ProjectPermissionKey permissionKey,
                             Issue issue,
                             ApplicationUser user)
Description copied from interface: PermissionManager
Checks to see if this user has permission to see the specified issue.

Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionKey - Not a global permission key
issue - The Issue (cannot be null)
user - User object, possibly null if JIRA is accessed anonymously
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

public boolean hasPermission(int permissionsId,
                             Project project,
                             com.atlassian.crowd.embedded.api.User user)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

protected boolean hasPermission(ProjectPermissionKey permissionKey,
                                Project project,
                                com.atlassian.crowd.embedded.api.User user)

hasPermission

public boolean hasPermission(int permissionsId,
                             Project project,
                             ApplicationUser user)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

public boolean hasPermission(ProjectPermissionKey permissionsKey,
                             Project project,
                             ApplicationUser user)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsKey - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

public boolean hasPermission(int permissionsId,
                             Project project,
                             com.atlassian.crowd.embedded.api.User user,
                             boolean issueCreation)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
issueCreation - Whether this permission is being checked during issue creation
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

protected boolean hasPermission(ProjectPermissionKey permissionKey,
                                Project project,
                                com.atlassian.crowd.embedded.api.User user,
                                boolean issueCreation)

hasPermission

public boolean hasPermission(int permissionsId,
                             Project project,
                             ApplicationUser user,
                             boolean issueCreation)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsId - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
issueCreation - Whether this permission is being checked during issue creation
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

public boolean hasPermission(ProjectPermissionKey permissionsKey,
                             Project project,
                             ApplicationUser user,
                             boolean issueCreation)
Description copied from interface: PermissionManager
Checks whether the specified user has a specified permission within the context of a specified project.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionsKey - A non-global permission, i.e. a permission that is granted via a project context
project - The project that is the context of the permission check.
user - The person to perform the permission check for
issueCreation - Whether this permission is being checked during issue creation
Returns:
true if the user has the specified permission in the context of the supplied project

hasPermission

public boolean hasPermission(int permissionId,
                             org.ofbiz.core.entity.GenericValue entity,
                             com.atlassian.crowd.embedded.api.User user,
                             boolean issueCreation)
Description copied from interface: PermissionManager
Does the same as PermissionManager.hasPermission(int,org.ofbiz.core.entity.GenericValue,User) except the entity is a project GenericValue.

Specified by:
hasPermission in interface PermissionManager
Parameters:
permissionId - Not a global permission
entity - Not null.
user - User object, possibly null if JIRA is accessed anonymously
issueCreation - Whether this permission is being checked during issue creation
Returns:
True if there are sufficient rights to access the entity supplied

hasPermission

protected boolean hasPermission(ProjectPermissionKey permissionKey,
                                org.ofbiz.core.entity.GenericValue entity,
                                com.atlassian.crowd.embedded.api.User user,
                                boolean issueCreation)

doEntityPermissionCheck

protected boolean doEntityPermissionCheck(ProjectPermissionKey permissionKey,
                                          org.ofbiz.core.entity.GenericValue entity,
                                          com.atlassian.crowd.embedded.api.User user,
                                          boolean issueCreation)

removeGroupPermissions

public void removeGroupPermissions(String group)
                            throws RemoveException
Remove all permissions that have used this group

Specified by:
removeGroupPermissions in interface PermissionManager
Parameters:
group - The name of the group that needs to be removed, must NOT be null and must be a real group
Throws:
RemoveException - if permission removal fails

removeUserPermissions

public void removeUserPermissions(String username)
                           throws RemoveException
Description copied from interface: PermissionManager
Remove all permissions that have used this username

Specified by:
removeUserPermissions in interface PermissionManager
Parameters:
username - username of the user whose permissions are to be removed
Throws:
RemoveException - if permission removal fails

removeUserPermissions

public void removeUserPermissions(ApplicationUser user)
                           throws RemoveException
Description copied from interface: PermissionManager
Remove all permissions that have been assigned to this user

Specified by:
removeUserPermissions in interface PermissionManager
Parameters:
user - the user whose permissions are to be removed
Throws:
RemoveException

hasProjects

public boolean hasProjects(int permissionId,
                           com.atlassian.crowd.embedded.api.User user)
Can this user see at least one project with this permission

Specified by:
hasProjects in interface PermissionManager
Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
true the given user can see at least one project with the given permission, false otherwise
Throws:
IllegalArgumentException - if the passed in permission id matches a global permission

hasProjects

public boolean hasProjects(int permissionId,
                           ApplicationUser user)
Description copied from interface: PermissionManager
Can this user see at least one project with this permission

Specified by:
hasProjects in interface PermissionManager
Parameters:
permissionId - must NOT be a global permission
user - user being checked
Returns:
true the given user can see at least one project with the given permission, false otherwise

hasProjects

public boolean hasProjects(ProjectPermissionKey permissionKey,
                           ApplicationUser user)
Description copied from interface: PermissionManager
Can this user see at least one project with this permission

Specified by:
hasProjects in interface PermissionManager
Parameters:
permissionKey - must NOT be a global permission
user - user being checked
Returns:
true the given user can see at least one project with the given permission, false otherwise

getProjectObjects

public Collection<Project> getProjectObjects(int permissionId,
                                             com.atlassian.crowd.embedded.api.User user)
Description copied from interface: PermissionManager
Retrieve a list of project objects this user has the permission for

Specified by:
getProjectObjects in interface PermissionManager
Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
a collection of Project objects

getProjects

public Collection<Project> getProjects(int permissionId,
                                       ApplicationUser user)
Description copied from interface: PermissionManager
Retrieve a list of project objects this user has the permission for

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
a collection of Project objects

getProjects

public Collection<Project> getProjects(ProjectPermissionKey permissionKey,
                                       ApplicationUser user)
Description copied from interface: PermissionManager
Retrieve a list of project objects this user has the permission for

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionKey - must NOT be a global permission
user - user
Returns:
a collection of Project objects

getProjectObjects

protected Collection<Project> getProjectObjects(ProjectPermissionKey permissionKey,
                                                com.atlassian.crowd.embedded.api.User user)

getProjects

public Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId,
                                                                  com.atlassian.crowd.embedded.api.User user,
                                                                  org.ofbiz.core.entity.GenericValue category)
Description copied from interface: PermissionManager
Retrieve a list of projects associated with the specified category, that this user has the permissions for

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionId - permission id
user - user
category - GenericValue representing category
Returns:
a collection of GenericValue objects

getProjects

public Collection<Project> getProjects(int permissionId,
                                       com.atlassian.crowd.embedded.api.User user,
                                       ProjectCategory projectCategory)
Description copied from interface: PermissionManager
Returns the list of projects associated with the specified category, that this user has the permissions for.

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionId - permission id
user - user
projectCategory - the ProjectCategory
Returns:
the list of projects associated with the specified category, that this user has the permissions for.

getProjects

public Collection<Project> getProjects(int permissionId,
                                       ApplicationUser user,
                                       ProjectCategory projectCategory)
Description copied from interface: PermissionManager
Returns the list of projects associated with the specified category, that this user has the permissions for.

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionId - permission id
user - user
projectCategory - the ProjectCategory
Returns:
the list of projects associated with the specified category, that this user has the permissions for.

getProjects

public Collection<Project> getProjects(ProjectPermissionKey permissionKey,
                                       ApplicationUser user,
                                       ProjectCategory projectCategory)
Description copied from interface: PermissionManager
Returns the list of projects associated with the specified category, that this user has the permissions for.

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionKey - permission key
user - user
projectCategory - the ProjectCategory
Returns:
the list of projects associated with the specified category, that this user has the permissions for.

isGlobalPermission

protected boolean isGlobalPermission(int permissionId)

getAllGroups

public Collection<com.atlassian.crowd.embedded.api.Group> getAllGroups(int permissionId,
                                                                       Project project)
Description copied from interface: PermissionManager
Retrieve all groups that are used in the permission globally and in the project.

Specified by:
getAllGroups in interface PermissionManager
Parameters:
permissionId - permission id
project - project from which to retrieve groups
Returns:
a collection of Groups

getProjects

public Collection<org.ofbiz.core.entity.GenericValue> getProjects(int permissionId,
                                                                  com.atlassian.crowd.embedded.api.User user)
Description copied from interface: PermissionManager
Retrieve a list of projects this user has the permission for

Specified by:
getProjects in interface PermissionManager
Parameters:
permissionId - must NOT be a global permission
user - user
Returns:
a collection of GenericValue objects

setProjectPermissionTypesManager

public void setProjectPermissionTypesManager(ProjectPermissionTypesManager projectPermissionTypesManager)


Copyright © 2002-2014 Atlassian. All Rights Reserved.