public class WorkflowBasedPermissionManager extends DefaultPermissionManager
<step id="1" name="Open"> <meta name="jira.status.id">1</meta> <meta name="jira.permission.comment.group">acme-bizusers</meta> <meta name="jira.permission.comment.user">qa</meta> <meta name="jira.permission.edit.group.1">jira-developers</meta> <meta name="jira.permission.edit.group.2">jira-editors</meta> <meta name="jira.permission.edit.projectrole">10001</meta>then only members of the acme-bizusers group and user 'qa' will be able to comment on open issues, and only members of 'jira-developers' and 'jira-editors' groups or members of the project role with id '10001' will be able to edit issues. Assuming, of course, these users already have the relevant permission in the permission scheme.
Meta attributes can also modify subtasks' permissions. For example if the 'Bug' workflow's Open step has:
<meta name="jira.permission.subtasks.edit.group">jira-qa</meta>Then subtasks of Bugs will only be editable by 'jira-qa' members, when their parent is in the Open state.
The format is 'jira.permission.[subtasks.]{permission}.{type}[.suffix]', where:
Permissions
Important:Workflow permissions can only restrict permissions set in the permission scheme, not grant permissions.
WorkflowBasedPermissionSchemeManager
Constructor and Description |
---|
WorkflowBasedPermissionManager(WorkflowPermissionFactory workflowPermissionFactory,
PermissionContextFactory permissionContextFactory,
ProjectPermissionTypesManager projectPermissionTypesManager,
ProjectPermissionOverrideDescriptorCache projectPermissionOverrideDescriptorCache) |
Modifier and Type | Method and Description |
---|---|
boolean |
hasPermission(int permissionsId,
Issue issue,
ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
|
boolean |
hasPermission(int permissionsId,
Project project,
ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
|
boolean |
hasPermission(int permissionsId,
Project project,
ApplicationUser user,
boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
|
boolean |
hasPermission(ProjectPermissionKey permissionsKey,
Issue issue,
ApplicationUser user)
Checks to see if this user has permission to see the specified issue.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Issue issue,
ApplicationUser user,
com.opensymphony.workflow.loader.ActionDescriptor actionDescriptor)
Checks to see if this user has the given permission to the specified issue after the given workflow transition takes effect.
|
boolean |
hasPermission(ProjectPermissionKey permissionKey,
Issue issue,
ApplicationUser user,
Status status)
Checks to see if this user has the given permission to the specified issue if the issue was in the given status.
|
boolean |
hasPermission(ProjectPermissionKey permissionsKey,
Project project,
ApplicationUser user)
Checks whether the specified user has a specified permission within the context of a specified project.
|
boolean |
hasPermission(ProjectPermissionKey permissionsKey,
Project project,
ApplicationUser user,
boolean issueCreation)
Checks whether the specified user has a specified permission within the context of a specified project.
|
flushCache, getAllGroups, getAllProjectPermissions, getArchivedProjectObjects, getArchivedProjects, getProjectObjects, getProjectPermission, getProjectPermissions, getProjects, getProjects, getProjects, getProjects, hasPermission, hasProjects, hasProjects, hasProjectWidePermission, isGlobalPermission, removeGroupPermissions, removeUserPermissions
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
hasPublicAccess
public WorkflowBasedPermissionManager(WorkflowPermissionFactory workflowPermissionFactory, PermissionContextFactory permissionContextFactory, ProjectPermissionTypesManager projectPermissionTypesManager, ProjectPermissionOverrideDescriptorCache projectPermissionOverrideDescriptorCache)
public boolean hasPermission(int permissionsId, Issue issue, ApplicationUser user)
PermissionManager
Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsId
- Not a global permissionissue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslypublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionsKey, @Nonnull Issue issue, ApplicationUser user)
PermissionManager
Note that if the issue's generic value is null, it is assumed that the issue is currently being created, and so the permission check call is deferred to the issue's project object, with the issueCreation flag set to true. See JRA-14788 for more info.
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsKey
- Not a global permission keyissue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslypublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Issue issue, @Nullable ApplicationUser user, @Nullable com.opensymphony.workflow.loader.ActionDescriptor actionDescriptor)
PermissionManager
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionKey
- The project permission key.issue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslyactionDescriptor
- Represents the current workflow transitionpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionKey, @Nonnull Issue issue, @Nullable ApplicationUser user, @Nonnull Status status)
PermissionManager
This method is useful during a workflow transition to check what the permissions will be in the new status, or (after the status is updated in the Issue object) to check what the permission would have been in the old status.
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionKey
- The project permission key.issue
- The Issue (cannot be null)user
- User object, possibly null if JIRA is accessed anonymouslystatus
- Represents the state we are checking permissions againstpublic boolean hasPermission(int permissionsId, Project project, ApplicationUser user)
PermissionManager
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsId
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionsKey, @Nonnull Project project, @Nullable ApplicationUser user)
PermissionManager
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsKey
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forPermissionManager.hasProjectWidePermission(ProjectPermissionKey, Project, ApplicationUser)
public boolean hasPermission(int permissionsId, Project project, ApplicationUser user, boolean issueCreation)
PermissionManager
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsId
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forissueCreation
- Whether this permission is being checked during issue creationpublic boolean hasPermission(@Nonnull ProjectPermissionKey permissionsKey, @Nonnull Project project, ApplicationUser user, boolean issueCreation)
PermissionManager
hasPermission
in interface PermissionManager
hasPermission
in class DefaultPermissionManager
permissionsKey
- A non-global permission, i.e. a permission that is granted via a project contextproject
- The project that is the context of the permission check.user
- The person to perform the permission check forissueCreation
- Whether this permission is being checked during issue creationCopyright © 2002-2022 Atlassian. All Rights Reserved.