public class PublicAccessPermissionManager extends Object implements PermissionManager
PermissionManager
to ensure that the permissions are completely revoked for anonymous user
when the public access is disabled.
This is a delegate that redirects all requests to a PermissionManager
. When public access is enabled,
for anonymous user it redirects the call for the delegate to compute. When public access is disable, for anonymous
user it simply returns as if the delegate returned denied (without calling the delegate).
Modifier and Type | Field and Description |
---|---|
static FeatureFlag |
PUBLIC_ACCESS |
Constructor and Description |
---|
PublicAccessPermissionManager(PermissionManager permissionManager,
FeatureManager featureManager) |
Modifier and Type | Method and Description |
---|---|
void |
flushCache()
Flushes any cached project permissions for all users.
|
Collection<com.atlassian.crowd.embedded.api.Group> |
getAllGroups(int permissionId,
Project project)
Retrieve all groups that are used in the permission globally and in the project.
|
Collection<ProjectPermission> |
getAllProjectPermissions() |
com.atlassian.fugue.Option<ProjectPermission> |
getProjectPermission(ProjectPermissionKey permissionKey)
Returns a project permission matching the specified key.
|
Collection<ProjectPermission> |
getProjectPermissions(ProjectPermissionCategory category) |
Collection<Project> |
getProjects(int permissionId,
ApplicationUser user)
Deprecated.
|
Collection<Project> |
getProjects(int permissionId,
ApplicationUser user,
ProjectCategory projectCategory)
Deprecated.
|
Collection<Project> |
getProjects(ProjectPermissionKey permissionKey,
ApplicationUser user)
Retrieve a list of project objects this user has the permission for
|
Collection<Project> |
getProjects(ProjectPermissionKey permissionKey,
ApplicationUser user,
ProjectCategory projectCategory)
Returns the list of projects associated with the specified category, that this user has the permissions for.
|
boolean |
hasPermission(int permissionsId,
ApplicationUser user)
Deprecated.
|
boolean |
hasPermission(int permissionsId,
Issue issue,
ApplicationUser user)
Deprecated.
|
boolean |
hasPermission(int permissionsId,
Project project,
ApplicationUser user)
Deprecated.
|
boolean |
hasPermission(int permissionsId,
Project project,
ApplicationUser user,
boolean issueCreation)
Deprecated.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Issue issue,
ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Issue issue,
ApplicationUser user,
com.opensymphony.workflow.loader.ActionDescriptor actionDescriptor)
Checks to see if this user has the given permission to the specified issue after the given workflow transition takes effect.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Issue issue,
ApplicationUser user,
Status status)
Checks to see if this user has the given permission to the specified issue if the issue was in the given status.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Project project,
ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Project project,
ApplicationUser user,
boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
|
boolean |
hasProjects(int permissionId,
ApplicationUser user)
Deprecated.
|
boolean |
hasProjects(ProjectPermissionKey permissionKey,
ApplicationUser user)
Can this user see at least one project with this permission
|
ProjectWidePermission |
hasProjectWidePermission(ProjectPermissionKey permissionKey,
Project project,
ApplicationUser user)
Checks whether a user has a particular permission in the given project.
|
boolean |
hasPublicAccess(ApplicationUser applicationUser)
Verifies if anonymous user has public access to JIRA
|
void |
removeGroupPermissions(String group)
Remove all permissions that have used this group
|
void |
removeUserPermissions(ApplicationUser user)
Remove all permissions that have been assigned to this user
|
public static final FeatureFlag PUBLIC_ACCESS
public PublicAccessPermissionManager(PermissionManager permissionManager, FeatureManager featureManager)
public Collection<ProjectPermission> getAllProjectPermissions()
getAllProjectPermissions
in interface PermissionManager
public Collection<ProjectPermission> getProjectPermissions(@Nonnull ProjectPermissionCategory category)
getProjectPermissions
in interface PermissionManager
category
- project permission category.@Deprecated public boolean hasPermission(int permissionsId, ApplicationUser user)
PermissionManager
hasPermission
in interface PermissionManager
permissionsId
- permission iduser
- user, can be null - anonymous userGlobalPermissionManager.hasPermission(int, ApplicationUser)
public com.atlassian.fugue.Option<ProjectPermission> getProjectPermission(@Nonnull ProjectPermissionKey permissionKey)
PermissionManager
getProjectPermission
in interface PermissionManager
permissionKey
- A project permission key.Option.none()
if there is no permission with this key.@Deprecated public boolean hasPermission(int permissionsId, Issue issue, ApplicationUser user)
PermissionManager
Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.
hasPermission
in interface PermissionManager
permissionsId
- Not a global permissionissue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslypublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Issue issue, @Nullable ApplicationUser user)
PermissionManager
Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.
hasPermission
in interface PermissionManager
permissionKey
- Not a global permission keyissue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslypublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Issue issue, @Nullable ApplicationUser user, @Nullable com.opensymphony.workflow.loader.ActionDescriptor actionDescriptor)
PermissionManager
hasPermission
in interface PermissionManager
permissionKey
- The project permission key.issue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslyactionDescriptor
- Represents the current workflow transitionpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Issue issue, @Nullable ApplicationUser user, @Nonnull Status status)
PermissionManager
This method is useful during a workflow transition to check what the permissions will be in the new status, or (after the status is updated in the Issue object) to check what the permission would have been in the old status.
hasPermission
in interface PermissionManager
permissionKey
- The project permission key.issue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslystatus
- Represents the state we are checking permissions against@Deprecated public boolean hasPermission(int permissionsId, Project project, ApplicationUser user)
PermissionManager
hasPermission
in interface PermissionManager
permissionsId
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Project project, @Nullable ApplicationUser user)
PermissionManager
hasPermission
in interface PermissionManager
permissionKey
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forPermissionManager.hasProjectWidePermission(ProjectPermissionKey, Project, ApplicationUser)
@Nonnull public ProjectWidePermission hasProjectWidePermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Project project, @Nullable ApplicationUser user)
PermissionManager
This method returns a tri-state enum in order to convey information about permissions that are granted on a per-issue basis.
ISSUE_SPECIFIC
, it may be that there are no issues for which the
user has the permission granted.
hasProjectWidePermission
in interface PermissionManager
permissionKey
- A project permissionproject
- The project that is the context of the permission check.user
- The person to perform the permission check for (null means anonymous)ALL_ISSUES
, NO_ISSUES
, or ISSUE_SPECIFIC
PermissionManager.hasPermission(ProjectPermissionKey, Project, ApplicationUser)
@Deprecated public boolean hasPermission(int permissionsId, Project project, ApplicationUser user, boolean issueCreation)
PermissionManager
hasPermission
in interface PermissionManager
permissionsId
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forissueCreation
- Whether this permission is being checked during issue creationpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Project project, @Nullable ApplicationUser user, boolean issueCreation)
PermissionManager
hasPermission
in interface PermissionManager
permissionKey
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forissueCreation
- Whether this permission is being checked during issue creationpublic void removeGroupPermissions(String group) throws RemoveException
PermissionManager
removeGroupPermissions
in interface PermissionManager
group
- The name of the group that needs to be removed, must NOT be null and must be a real groupRemoveException
- if permission removal failspublic void removeUserPermissions(ApplicationUser user) throws RemoveException
PermissionManager
removeUserPermissions
in interface PermissionManager
user
- the user whose permissions are to be removedRemoveException
@Deprecated public boolean hasProjects(int permissionId, ApplicationUser user)
PermissionManager
hasProjects
in interface PermissionManager
permissionId
- must NOT be a global permissionuser
- user being checkedpublic boolean hasProjects(@Nonnull ProjectPermissionKey permissionKey, @Nullable ApplicationUser user)
PermissionManager
hasProjects
in interface PermissionManager
permissionKey
- must NOT be a global permissionuser
- user being checked@Deprecated public Collection<Project> getProjects(int permissionId, ApplicationUser user)
PermissionManager
getProjects
in interface PermissionManager
permissionId
- must NOT be a global permissionuser
- userProject
objectspublic Collection<Project> getProjects(@Nonnull ProjectPermissionKey permissionKey, @Nullable ApplicationUser user)
PermissionManager
getProjects
in interface PermissionManager
permissionKey
- must NOT be a global permissionuser
- userProject
objects@Deprecated public Collection<Project> getProjects(int permissionId, ApplicationUser user, ProjectCategory projectCategory)
PermissionManager
getProjects
in interface PermissionManager
permissionId
- permission iduser
- userprojectCategory
- the ProjectCategorypublic Collection<Project> getProjects(@Nonnull ProjectPermissionKey permissionKey, @Nullable ApplicationUser user, @Nullable ProjectCategory projectCategory)
PermissionManager
getProjects
in interface PermissionManager
permissionKey
- permission keyuser
- userprojectCategory
- the ProjectCategory - null means find projects with no category.public void flushCache()
PermissionManager
flushCache
in interface PermissionManager
public Collection<com.atlassian.crowd.embedded.api.Group> getAllGroups(int permissionId, Project project)
PermissionManager
getAllGroups
in interface PermissionManager
permissionId
- permission idproject
- project from which to retrieve groupspublic boolean hasPublicAccess(@Nonnull ApplicationUser applicationUser)
PermissionManager
hasPublicAccess
in interface PermissionManager
applicationUser
- user being checkedCopyright © 2002-2018 Atlassian. All Rights Reserved.