com.atlassian.bamboo.security

Interface BambooPermissionManager

public interface BambooPermissionManager

Field Summary

Fields

Modifier and Type	Field and Description
static org.acegisecurity.adapters.PrincipalAcegiUserToken	SYSTEM_AUTHORITY

Method Summary

Methods

Modifier and Type	Method and Description
org.acegisecurity.acls.Acl	getAcl(Object object)
Collection<String>	getAdminGroups() Get a list of all the groups that have global administration permission
Collection<String>	getAdminUsers() Get a list of all the users that have global administration permission
String	getDefaultUsersGroup()
Collection<org.acegisecurity.acls.Permission>	getPermissionsForPlan(PlanKey planKey)
Collection<String>	getRestrictedAdminGroups() Get a list of all the groups that have global restricted administration permission
Collection<String>	getRestrictedAdminUsers() Get a list of all the users that have global restricted administration permission
Collection<String>	getUsePermissionGroups() Get a list of all the groups that have global read or create plan permission
Collection<String>	getUsePermissionUsers() Get a list of all the users that have global read or create plan permission
boolean	hasGlobalPermission(org.acegisecurity.acls.Permission permission)
com.google.common.base.Predicate<Object>	hasPermission(BambooPermission permission, org.acegisecurity.Authentication authentication) Predicate for {link #hasPermission(permission, object, authentication)}
boolean	hasPermission(org.acegisecurity.acls.Permission permission, Object object, org.acegisecurity.Authentication authentication) Checks whether a permission is granted to access object with given authentication.
boolean	hasPermission(String username, org.acegisecurity.acls.Permission permission, Object object)
boolean	hasPlanPermission(org.acegisecurity.acls.Permission permission, ImmutablePlan plan) Verify plan access
boolean	hasPlanPermission(org.acegisecurity.acls.Permission permission, PlanKey planKey) Verify plan access
boolean	hasProjectEditPermission(Project project)
boolean	isAdmin(String username) Returns true if the user is an admin, false if not
boolean	isAllowedToSetGlobalPermission(org.acegisecurity.acls.Permission permission) Returns true if user is allowed to set specific global permission
boolean	isEnableSignup()
boolean	isSystemAdmin(String username) Returns true if the user is a sysadmin, false if not

Field Detail

SYSTEM_AUTHORITY

static final org.acegisecurity.adapters.PrincipalAcegiUserToken SYSTEM_AUTHORITY

Method Detail

hasPermission

boolean hasPermission(@NotNull
                    org.acegisecurity.acls.Permission permission,
                    @NotNull
                    Object object,
                    @Nullable
                    org.acegisecurity.Authentication authentication)

Checks whether a permission is granted to access object with given authentication.

Parameters:

permission - the permission to check for

object - the domain object on which the permission check will be made

authentication - the authentication/principal whose secury identities will be checked for the permission

Returns:

hasPermission

com.google.common.base.Predicate<Object> hasPermission(@NotNull
                                                     BambooPermission permission,
                                                     @Nullable
                                                     org.acegisecurity.Authentication authentication)

Predicate for {link #hasPermission(permission, object, authentication)}

Parameters:

permission - the permission to check for

authentication - the authentication/principal whose secury identities will be checked for the permission

Returns:

hasPermission

boolean hasPermission(@NotNull
                    String username,
                    @NotNull
                    org.acegisecurity.acls.Permission permission,
                    @NotNull
                    Object object)

hasPlanPermission

boolean hasPlanPermission(@NotNull
                        org.acegisecurity.acls.Permission permission,
                        @NotNull
                        PlanKey planKey)

Verify plan access

Parameters:

permission - permission to check

planKey - key of the plan

Returns:

true iff permission is granted

hasPlanPermission

boolean hasPlanPermission(@NotNull
                        org.acegisecurity.acls.Permission permission,
                        @NotNull
                        ImmutablePlan plan)

Verify plan access

Parameters:

permission - permission to check

plan - plan

Returns:

true iff permission is granted

hasGlobalPermission

boolean hasGlobalPermission(@NotNull
                          org.acegisecurity.acls.Permission permission)

hasProjectEditPermission

boolean hasProjectEditPermission(@Nullable
                               Project project)

isEnableSignup

boolean isEnableSignup()

getPermissionsForPlan

Collection<org.acegisecurity.acls.Permission> getPermissionsForPlan(@NotNull
                                                                  PlanKey planKey)

getAdminGroups

Collection<String> getAdminGroups()

Get a list of all the groups that have global administration permission

Returns:

A list of all the groups that have global administration permission

getRestrictedAdminGroups

@NotNull
Collection<String> getRestrictedAdminGroups()

Get a list of all the groups that have global restricted administration permission

Returns:

A list of all the groups that have global restricted administration permission

getUsePermissionGroups

@NotNull
Collection<String> getUsePermissionGroups()

Get a list of all the groups that have global read or create plan permission

Returns:

A list of all the groups that have global read or create plan permission

getAdminUsers

@NotNull
Collection<String> getAdminUsers()

Get a list of all the users that have global administration permission

Returns:

A list of all the users that have global administration permission

getRestrictedAdminUsers

@NotNull
Collection<String> getRestrictedAdminUsers()

Get a list of all the users that have global restricted administration permission

Returns:

A list of all the users that have global restricted administration permission

getUsePermissionUsers

@NotNull
Collection<String> getUsePermissionUsers()

Get a list of all the users that have global read or create plan permission

Returns:

A list of all the users that have global read or create plan permission

getDefaultUsersGroup

@NotNull
String getDefaultUsersGroup()

Returns:

the name of the default group that users will be added to when they are created

isAdmin

boolean isAdmin(String username)

Returns true if the user is an admin, false if not

Parameters:

username - the user

Returns:

true if the user is an admin, false if not

isSystemAdmin

boolean isSystemAdmin(String username)

Returns true if the user is a sysadmin, false if not

Parameters:

username - the user

Returns:

true if the user is a sysadmin, false if not

isAllowedToSetGlobalPermission

boolean isAllowedToSetGlobalPermission(@NotNull
                                     org.acegisecurity.acls.Permission permission)

Returns true if user is allowed to set specific global permission

Parameters:

permission - permission to check

Returns:

getAcl

org.acegisecurity.acls.Acl getAcl(@NotNull
                                Object object)