Package com.atlassian.confluence.impl.security

Class AbstractSpacePermissionManager

java.lang.Object
com.atlassian.confluence.impl.security.AbstractSpacePermissionManager
All Implemented Interfaces:
SpacePermissionManagerInternal, SpacePermissionSaverInternal, DefaultConfluenceAccessManager.AccessManagerPermissionChecker, SpacePermissionManager, SpacePermissionSaver
Direct Known Subclasses:
CoarseGrainedCachingSpacePermissionManager, DefaultSpacePermissionManager
@ParametersAreNonnullByDefault public abstract class AbstractSpacePermissionManager extends Object implements SpacePermissionManagerInternal, DefaultConfluenceAccessManager.AccessManagerPermissionChecker
Since:
7.16

  • Constructor Details

  • Method Details

    • hasPermission

      public final boolean hasPermission(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser)
      Description copied from interface: SpacePermissionManager
      Determines if remoteUser has the given permission in space

      Unless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using PermissionManager instead.

      Specified by:
      hasPermission in interface SpacePermissionManager
      Parameters:
      permissionType - The permission type to look up
      space - The space the permission applies to (can be null for global permissions)
      Returns:
      true if remoteUser has the permission, false otherwise

    • hasPermissionNoExemptions

      public boolean hasPermissionNoExemptions(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser)
      Description copied from interface: SpacePermissionManager
      Returns true if the user has the specified permission on the target space. This method does not allow exemptions for super-users like SpacePermissionManager.hasPermission(String, Space, User) does.

      For parameter and return value information, see SpacePermissionManager.hasPermission(String, Space, User).

      Specified by:
      hasPermissionNoExemptions in interface SpacePermissionManager

    • hasPermissionNoExemptionsExceptViaNestedGroups

      public boolean hasPermissionNoExemptionsExceptViaNestedGroups(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser)
      Description copied from interface: SpacePermissionManager
      Returns true if the user has the specified permission on the target space except if it gets it from some parent of its parent group. This method does not allow exemptions for super-users like SpacePermissionManager.hasPermission(String, Space, User) does.

      For parameter and return value information, see SpacePermissionManager.hasPermission(String, Space, User).

      Specified by:
      hasPermissionNoExemptionsExceptViaNestedGroups in interface SpacePermissionManager

    • hasAllPermissions

      public final boolean hasAllPermissions(List<String> permissionTypes, @Nullable Space space, @Nullable ConfluenceUser user)
      Description copied from interface: SpacePermissionManager
      Determines if remoteUser has all of the given permissions in space

      If remoteUser lacks any of the given permissions, false is returned.

      Unless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using PermissionManager instead.

      Specified by:
      hasAllPermissions in interface SpacePermissionManager
      Parameters:
      permissionTypes - A List of permission types (see SpacePermission) to check
      space - The space the permissions apply to
      user - The user to look up
      Returns:
      true if remoteUser has the permission, false otherwise

    • hasGlobalPermissionViaGroups

      public final boolean hasGlobalPermissionViaGroups(@NonNull ConfluenceUser user, String permissionType)
      Used by DefaultConfluenceAccessManager via an awkward circular dependency: hence this method must NOT call ConfluenceAccessManager.
      Specified by:
      hasGlobalPermissionViaGroups in interface DefaultConfluenceAccessManager.AccessManagerPermissionChecker
      permissionType - the SpacePermission type to look for.
      Returns:
      true if the user has this permission specifically via group memberships

    • groupHasPermission

      public boolean groupHasPermission(String permissionType, @Nullable Space space, String group)
      Description copied from interface: SpacePermissionManager
      Checks whether the given group has the given permission

      If a null space is specified, this method looks up matching global permissions, otherwise space's permissions list is queried to see if the permission matches.

      Similarly, if permissionType is not a space permission, a matching global permission is looked up.

      Specified by:
      groupHasPermission in interface SpacePermissionManager
      Parameters:
      permissionType - The permission type to look up
      space - The space the permission applies to (can be null for global permissions)
      group - The group to look up the permission for
      Returns:
      true if the group has the required permission, false otherwise

    • getGroupNamesWithPermission

      protected abstract Iterable<String> getGroupNamesWithPermission(@Nullable Space targetSpace, String permissionType)

    • hasPermissionForSpace

      public final boolean hasPermissionForSpace(@Nullable ConfluenceUser user, List permissionTypes, @Nullable Space space)
      Specified by:
      hasPermissionForSpace in interface SpacePermissionManager

    • getDefaultGlobalPermissions

      public Set<SpacePermission> getDefaultGlobalPermissions()
      Description copied from interface: SpacePermissionManager
      Returns the default global permissions that are created when Confluence is set up. These will exist in a newly set up system but may be removed afterwards. Note that the returned objects are freshly created and therefore do not have IDs or other persistence data.

      By default, confluence-administrators group has admin access, the default confluence users group can view the system and anonymous access is disabled.

      Specified by:
      getDefaultGlobalPermissions in interface SpacePermissionManager
      Returns:
      a collection of SpacePermissions.

    • isPermittedInReadOnlyAccessMode

      public boolean isPermittedInReadOnlyAccessMode(String permissionType)
      Description copied from interface: SpacePermissionManager
      Check if the permission type is permitted in read only access mode
      Specified by:
      isPermittedInReadOnlyAccessMode in interface SpacePermissionManager
      Parameters:
      permissionType - the permission type to be checked
      Returns:
      true if the permission type is permitted in read only access mode

    • groupInheritsPermission

      public boolean groupInheritsPermission(String permissionType, @Nullable Space space, String group)
      Description copied from interface: SpacePermissionManager
      Checks whether the given group inherits the given permission and not has it directly.

      If a null space is specified, this method looks up matching global permissions, otherwise space's permissions list is queried to see if the permission matches.

      Similarly, if permissionType is not a space permission, a matching global permission is looked up.

      Specified by:
      groupInheritsPermission in interface SpacePermissionManager
      Parameters:
      permissionType - The permission type to look up
      space - The space the permission applies to (can be null for global permissions)
      group - The group to look up the permission for
      Returns:
      true only if the group inherits the required permission and not has it directly, false otherwise