com.atlassian.jira.security.auth

Class AuthorisationManagerImpl

java.lang.Object

com.atlassian.jira.security.auth.AuthorisationManagerImpl

All Implemented Interfaces:

Startable, AuthorisationManager

public class AuthorisationManagerImpl
extends Object
implements AuthorisationManager, Startable

Constructor Summary

Constructors

Constructor and Description
AuthorisationManagerImpl(PermissionManager permissionManager, com.atlassian.plugin.PluginAccessor pluginAccessor, WebworkPluginSecurityServiceHelper webworkPluginSecurityServiceHelper, com.atlassian.event.api.EventPublisher eventPublisher, ApplicationRoleManager applicationRoleManager, GlobalPermissionManager globalPermissions)

Method Summary

Modifier and Type	Method and Description
boolean	authoriseForLogin(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest) Called to ask whether a user (non null always) is authorised to perform the given request as a login event
boolean	authoriseForRole(ApplicationUser user, javax.servlet.http.HttpServletRequest httpServletRequest, String role) Called to ask whether a user (non null always) is authorised to perform the given request as a login event
Set<String>	getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest) Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.
boolean	hasUserAccessToJIRA(ApplicationUser applicationUser) Verifies whether a user has access to JIRA.
void	onPluginModuleDisabled(com.atlassian.plugin.event.events.PluginModuleDisabledEvent event)
void	onPluginModuleEnabled(com.atlassian.plugin.event.events.PluginModuleEnabledEvent event)
void	start() This method will be called after the plugin system is fully initialised and all components added to the dependency injection framework.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorisationManagerImpl

public AuthorisationManagerImpl(PermissionManager permissionManager,
                                com.atlassian.plugin.PluginAccessor pluginAccessor,
                                WebworkPluginSecurityServiceHelper webworkPluginSecurityServiceHelper,
                                com.atlassian.event.api.EventPublisher eventPublisher,
                                ApplicationRoleManager applicationRoleManager,
                                GlobalPermissionManager globalPermissions)

Method Detail

start

public void start()
           throws Exception

Description copied from interface: Startable

This method will be called after the plugin system is fully initialised and all components added to the dependency injection framework.

Specified by:

start in interface Startable

Throws:

Exception - Allows implementations to throw an Exception.

onPluginModuleEnabled

public void onPluginModuleEnabled(com.atlassian.plugin.event.events.PluginModuleEnabledEvent event)

onPluginModuleDisabled

public void onPluginModuleDisabled(com.atlassian.plugin.event.events.PluginModuleDisabledEvent event)

authoriseForLogin

public boolean authoriseForLogin(@Nonnull
                                 ApplicationUser user,
                                 javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: AuthorisationManager

Called to ask whether a user (non null always) is authorised to perform the given request as a login event

Specified by:

authoriseForLogin in interface AuthorisationManager

Parameters:

user - a non null user

httpServletRequest - the request in play

Returns:

true if they are authorised to perform the request

hasUserAccessToJIRA

public boolean hasUserAccessToJIRA(@Nonnull
                                   ApplicationUser applicationUser)

Description copied from interface: AuthorisationManager

Verifies whether a user has access to JIRA. Works similar to AuthorisationManager.authoriseForLogin(com.atlassian.jira.user.ApplicationUser, javax.servlet.http.HttpServletRequest) but doesn't check authorisation via plugins.

Specified by:

hasUserAccessToJIRA in interface AuthorisationManager

Parameters:

applicationUser - a non null user

Returns:

true if user is authorised to JIRA

getRequiredRoles

public Set<String> getRequiredRoles(javax.servlet.http.HttpServletRequest httpServletRequest)

Description copied from interface: AuthorisationManager

Gets the set of role strings that are examined by Seraph to decide if a user is authorised to execute a request.

Specified by:

getRequiredRoles in interface AuthorisationManager

Parameters:

httpServletRequest - the request in play

Returns:

a set of roles

authoriseForRole

public boolean authoriseForRole(@Nullable
                                ApplicationUser user,
                                javax.servlet.http.HttpServletRequest httpServletRequest,
                                String role)

Description copied from interface: AuthorisationManager

Called to ask whether a user (non null always) is authorised to perform the given request as a login event

Specified by:

authoriseForRole in interface AuthorisationManager

Parameters:

user - a possibly null user

httpServletRequest - the request in play

role - one or more of the roles that was given out during AuthorisationManager.getRequiredRoles(javax.servlet.http.HttpServletRequest)

Returns:

true if they are authorised to perform the request