Class DelegatingSpacePermissionManager
java.lang.Object
com.atlassian.confluence.internal.security.DelegatingSpacePermissionManager
- All Implemented Interfaces:
SpacePermissionManagerInternal,SpacePermissionSaverInternal,SpacePermissionManager,SpacePermissionSaver
- Direct Known Subclasses:
RecoveryAwareSpacePermissionManager,ScopesAwareSpacePermissionManager
public class DelegatingSpacePermissionManager
extends Object
implements SpacePermissionManagerInternal
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidvoidvoidgetAllPermissionsForGroup(String group) Returns the default global permissions that are created when Confluence is set up.getGlobalPermissions(String permissionType) getGroupsForPermissionType(String permissionType, Space space) Collection<com.atlassian.user.Group>getGroupsWithPermissions(@Nullable Space space) Returns all groups which have permissions in a space or on a global level.Get all permissions granted to the anonymous users in the given spacegetPermissionsForGroup(String group, Space space) Get all permissions for the given group in the specified spacegetPermissionsForUser(ConfluenceUser user, Space space) Get all permissions for the given user in the specified spacegetUsersForPermissionType(String permissionType, Space space) Collection<com.atlassian.user.User>getUsersWithPermissions(@Nullable Space space) Returns a collection of user objects with VIEWSPACE_PERMISSION in the space.booleangroupHasPermission(String permissionType, @Nullable Space space, String group) Checks whether the given group has the given permissionbooleangroupInheritsPermission(String permissionType, @Nullable Space space, String group) Checks whether the given group inherits the given permission and not has it directly.booleanhasAllPermissions(List<String> permissionTypes, @Nullable Space space, @Nullable ConfluenceUser user) Determines if remoteUser has all of the given permissions in spacebooleanhasPermission(String permissionType, @Nullable Space space, @Nullable ConfluenceUser user) Determines if remoteUser has the given permission in spacebooleanhasPermissionForSpace(@Nullable ConfluenceUser user, List permissionTypes, @Nullable Space space) booleanhasPermissionForSpace(@Nullable com.atlassian.user.User user, List permissionTypes, @Nullable Space space) Deprecated.booleanhasPermissionNoExemptions(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser) Returns true if the user has the specified permission on the target space.booleanhasPermissionNoExemptionsExceptViaNestedGroups(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser) Returns true if the user has the specified permission on the target space except if it gets it from some parent of its parent group.booleanisPermittedInReadOnlyAccessMode(String permissionType) Check if the permission type is permitted in read only access modebooleanpermissionExists(SpacePermission permission) Check whether the given SpacePermission exists.voidremoveAllPermissions(Space space) Deprecated.voidremoveAllPermissions(Space space, SpacePermissionContext context) Removes all permissions belonging to spacevoidDeprecated.voidremoveAllPermissionsForGroup(String group, SpacePermissionContext context) Removes all permissions for the given group.voidDeprecated.voidremoveAllUserPermissions(ConfluenceUser user, SpacePermissionContext context) Removes all permissions for the given user.voidremoveGlobalPermissionForUser(ConfluenceUser user, String permissionType) Deprecated.voidremoveGlobalPermissionForUser(ConfluenceUser user, String permissionType, SpacePermissionContext context) Removes global permission of specified type that is directly associated with a user.voidremovePermission(SpacePermission permission) Deprecated.voidremovePermission(SpacePermission permission, SpacePermissionContext context) Removes the given permission.voidremovePermissions(Collection<SpacePermission> permissionsToRemove, SpacePermissionContext context) Removes the given permissions.voidsaveGlobalPermissions(Collection<SpacePermission> spacePermissions, SpacePermissionContext context) Adds global permissionsvoidsavePermission(SpacePermission permission) Deprecated.voidsavePermission(SpacePermission permission, SpacePermissionContext context) Saves the permission.voidsaveSpacePermissions(@NonNull Space space, Collection<SpacePermission> spacePermissions, SpacePermissionContext context) Adds space permissions to the spaceMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.atlassian.confluence.security.SpacePermissionManager
hasAllPermissions, hasPermission, hasPermissionNoExemptions
-
Constructor Details
-
DelegatingSpacePermissionManager
-
-
Method Details
-
removeAllPermissions
Description copied from interface:SpacePermissionManagerInternalRemoves all permissions belonging to space- Specified by:
removeAllPermissionsin interfaceSpacePermissionManagerInternal- Parameters:
space- The space to remove the permissions forcontext- The context for this removal
-
removePermission
Description copied from interface:SpacePermissionManagerInternalRemoves the given permission.May generate a
SpacePermissionRemoveEventin the process, depending on the context.- Specified by:
removePermissionin interfaceSpacePermissionManagerInternal- Parameters:
permission- the permission to removecontext- the context for the removal
-
removePermissions
public void removePermissions(Collection<SpacePermission> permissionsToRemove, SpacePermissionContext context) Description copied from interface:SpacePermissionManagerInternalRemoves the given permissions.May generate a
SpacePermissionRemoveEventin the process, depending on the context.- Specified by:
removePermissionsin interfaceSpacePermissionManagerInternal- Parameters:
permissionsToRemove- the permissions to removecontext- the context for the removal
-
removeAllUserPermissions
Description copied from interface:SpacePermissionManagerInternalRemoves all permissions for the given user.May generate a
SpacePermissionsRemoveForUserEventin the process, depending on the context.- Specified by:
removeAllUserPermissionsin interfaceSpacePermissionManagerInternal- Parameters:
user- the user to remove permissions forcontext- the context for the removal
-
removeGlobalPermissionForUser
public void removeGlobalPermissionForUser(ConfluenceUser user, String permissionType, SpacePermissionContext context) Description copied from interface:SpacePermissionManagerInternalRemoves global permission of specified type that is directly associated with a user.May generate a
SpacePermissionsRemoveForUserEventin the process, depending on the context.- Specified by:
removeGlobalPermissionForUserin interfaceSpacePermissionManagerInternal- Parameters:
user- the user to look uppermissionType- the permission type to removecontext- the context for the removal
-
removeAllPermissionsForGroup
Description copied from interface:SpacePermissionManagerInternalRemoves all permissions for the given group.May generate a
SpacePermissionsRemoveForGroupEventin the process, depending on the context.- Specified by:
removeAllPermissionsForGroupin interfaceSpacePermissionManagerInternal- Parameters:
group- the group to remove
-
removeAllPermissions
Deprecated.Description copied from interface:SpacePermissionManagerRemoves all permissions belonging to space- Specified by:
removeAllPermissionsin interfaceSpacePermissionManager- Parameters:
space- The space to remove the permissions for
-
removePermission
Deprecated.Description copied from interface:SpacePermissionManagerRemoves the given permission, and generates aSpacePermissionRemoveEventin the process.- Specified by:
removePermissionin interfaceSpacePermissionManager- Parameters:
permission- the permission to remove
-
hasPermission
public boolean hasPermission(String permissionType, @Nullable Space space, @Nullable ConfluenceUser user) Description copied from interface:SpacePermissionManagerDetermines if remoteUser has the given permission in spaceUnless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using
PermissionManagerinstead.- Specified by:
hasPermissionin interfaceSpacePermissionManager- Parameters:
permissionType- The permission type to look upspace- The space the permission applies to (can be null for global permissions)- Returns:
- true if remoteUser has the permission, false otherwise
-
hasPermissionNoExemptions
public boolean hasPermissionNoExemptions(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser) Description copied from interface:SpacePermissionManagerReturns true if the user has the specified permission on the target space. This method does not allow exemptions for super-users likeSpacePermissionManager.hasPermission(String, Space, User)does.For parameter and return value information, see
SpacePermissionManager.hasPermission(String, Space, User).- Specified by:
hasPermissionNoExemptionsin interfaceSpacePermissionManager
-
hasPermissionNoExemptionsExceptViaNestedGroups
public boolean hasPermissionNoExemptionsExceptViaNestedGroups(String permissionType, @Nullable Space space, @Nullable ConfluenceUser remoteUser) Description copied from interface:SpacePermissionManagerReturns true if the user has the specified permission on the target space except if it gets it from some parent of its parent group. This method does not allow exemptions for super-users likeSpacePermissionManager.hasPermission(String, Space, User)does.For parameter and return value information, see
SpacePermissionManager.hasPermission(String, Space, User).- Specified by:
hasPermissionNoExemptionsExceptViaNestedGroupsin interfaceSpacePermissionManager
-
hasAllPermissions
public boolean hasAllPermissions(List<String> permissionTypes, @Nullable Space space, @Nullable ConfluenceUser user) Description copied from interface:SpacePermissionManagerDetermines if remoteUser has all of the given permissions in spaceIf remoteUser lacks any of the given permissions, false is returned.
Unless you're writing code that is part of the permission checking implementation, or you're changing space permissions, you should be using
PermissionManagerinstead.- Specified by:
hasAllPermissionsin interfaceSpacePermissionManager- Parameters:
permissionTypes- A List of permission types (see SpacePermission) to checkspace- The space the permissions apply touser- The user to look up- Returns:
- true if remoteUser has the permission, false otherwise
-
removeAllUserPermissions
Deprecated.Description copied from interface:SpacePermissionManagerRemoves all permissions for the given user, and generates aSpacePermissionsRemoveForUserEventin the process.- Specified by:
removeAllUserPermissionsin interfaceSpacePermissionManager
-
removeGlobalPermissionForUser
Deprecated.Description copied from interface:SpacePermissionManagerRemoves global permission of specified type that is directly associated with a user, and generates aSpacePermissionsRemoveForUserEventin the process.- Specified by:
removeGlobalPermissionForUserin interfaceSpacePermissionManager- Parameters:
user- the user to look uppermissionType- the permission type to remove
-
removeAllPermissionsForGroup
Deprecated.Description copied from interface:SpacePermissionManagerRemoves all permissions for the given group, and generates aSpacePermissionsRemoveForGroupEventin the process.- Specified by:
removeAllPermissionsForGroupin interfaceSpacePermissionManager- Parameters:
group- the group to remove
-
getAllPermissionsForGroup
- Specified by:
getAllPermissionsForGroupin interfaceSpacePermissionManager
-
getGlobalPermissions
- Specified by:
getGlobalPermissionsin interfaceSpacePermissionManager
-
getGlobalPermissions
@Transactional(readOnly=true) public List<SpacePermission> getGlobalPermissions(String permissionType) - Specified by:
getGlobalPermissionsin interfaceSpacePermissionManager
-
flushCaches
public void flushCaches()- Specified by:
flushCachesin interfaceSpacePermissionManager
-
groupHasPermission
Description copied from interface:SpacePermissionManagerChecks whether the given group has the given permissionIf a null space is specified, this method looks up matching global permissions, otherwise space's permissions list is queried to see if the permission matches.
Similarly, if permissionType is not a space permission, a matching global permission is looked up.
- Specified by:
groupHasPermissionin interfaceSpacePermissionManager- Parameters:
permissionType- The permission type to look upspace- The space the permission applies to (can be null for global permissions)group- The group to look up the permission for- Returns:
- true if the group has the required permission, false otherwise
-
createDefaultSpacePermissions
- Specified by:
createDefaultSpacePermissionsin interfaceSpacePermissionManager
-
createPrivateSpacePermissions
- Specified by:
createPrivateSpacePermissionsin interfaceSpacePermissionManager
-
hasPermissionForSpace
public boolean hasPermissionForSpace(@Nullable ConfluenceUser user, List permissionTypes, @Nullable Space space) - Specified by:
hasPermissionForSpacein interfaceSpacePermissionManager
-
hasPermissionForSpace
@Deprecated public boolean hasPermissionForSpace(@Nullable com.atlassian.user.User user, List permissionTypes, @Nullable Space space) Deprecated.- Specified by:
hasPermissionForSpacein interfaceSpacePermissionManager
-
getGroupsWithPermissions
@Transactional(readOnly=true) public Collection<com.atlassian.user.Group> getGroupsWithPermissions(@Nullable Space space) Description copied from interface:SpacePermissionManagerReturns all groups which have permissions in a space or on a global level. If space is null, permissions on the global level will be checked.- Specified by:
getGroupsWithPermissionsin interfaceSpacePermissionManager- Parameters:
space- - space to query, if null global permissions returned- Returns:
- Collection of groups with permissions
-
getGroupsForPermissionType
@Transactional(readOnly=true) public Map<String,Long> getGroupsForPermissionType(String permissionType, Space space) - Specified by:
getGroupsForPermissionTypein interfaceSpacePermissionManager
-
getUsersWithPermissions
@Transactional(readOnly=true) public Collection<com.atlassian.user.User> getUsersWithPermissions(@Nullable Space space) Description copied from interface:SpacePermissionManagerReturns a collection of user objects with VIEWSPACE_PERMISSION in the space. If no space is provided A list of users with USE_CONFLUENCE_PERMISSION will be returned- Specified by:
getUsersWithPermissionsin interfaceSpacePermissionManager- Parameters:
space- - space to query, if null global permissions returned- Returns:
- Collection of User objects
-
getUsersForPermissionType
@Transactional(readOnly=true) public Map<String,Long> getUsersForPermissionType(String permissionType, Space space) - Specified by:
getUsersForPermissionTypein interfaceSpacePermissionManager
-
permissionExists
Description copied from interface:SpacePermissionManagerCheck whether the given SpacePermission exists. Checks by attribute equality rather than by id.- Specified by:
permissionExistsin interfaceSpacePermissionManager- Parameters:
permission- the permission to look for.- Returns:
- true if the permission is recognised by the manager as existing.
-
getDefaultGlobalPermissions
Description copied from interface:SpacePermissionManagerReturns the default global permissions that are created when Confluence is set up. These will exist in a newly set up system but may be removed afterwards. Note that the returned objects are freshly created and therefore do not have IDs or other persistence data.By default, confluence-administrators group has admin access, the default confluence users group can view the system and anonymous access is disabled.
- Specified by:
getDefaultGlobalPermissionsin interfaceSpacePermissionManager- Returns:
- a collection of
SpacePermissions.
-
isPermittedInReadOnlyAccessMode
Description copied from interface:SpacePermissionManagerCheck if the permission type is permitted in read only access mode- Specified by:
isPermittedInReadOnlyAccessModein interfaceSpacePermissionManager- Parameters:
permissionType- the permission type to be checked- Returns:
- true if the permission type is permitted in read only access mode
-
getPermissionsForUser
@Transactional(readOnly=true) public List<SpacePermission> getPermissionsForUser(ConfluenceUser user, Space space) Description copied from interface:SpacePermissionManagerGet all permissions for the given user in the specified space- Specified by:
getPermissionsForUserin interfaceSpacePermissionManager- Parameters:
user- the user to look upspace- the space entity- Returns:
- a list of space permissions granted to the user in the given space
-
getPermissionsForGroup
@Transactional(readOnly=true) public List<SpacePermission> getPermissionsForGroup(String group, Space space) Description copied from interface:SpacePermissionManagerGet all permissions for the given group in the specified space- Specified by:
getPermissionsForGroupin interfaceSpacePermissionManager- Parameters:
group- the name of the groupspace- the space entity- Returns:
- a list of space permissions granted to the group in the given space
-
getPermissionsForAnonymousUsers
@Transactional(readOnly=true) public List<SpacePermission> getPermissionsForAnonymousUsers(Space space) Description copied from interface:SpacePermissionManagerGet all permissions granted to the anonymous users in the given space- Specified by:
getPermissionsForAnonymousUsersin interfaceSpacePermissionManager- Parameters:
space- the space entity- Returns:
- a list of space permissions granted to anonymous users in the given space
-
groupInheritsPermission
Description copied from interface:SpacePermissionManagerChecks whether the given group inherits the given permission and not has it directly.If a null space is specified, this method looks up matching global permissions, otherwise space's permissions list is queried to see if the permission matches.
Similarly, if permissionType is not a space permission, a matching global permission is looked up.
- Specified by:
groupInheritsPermissionin interfaceSpacePermissionManager- Parameters:
permissionType- The permission type to look upspace- The space the permission applies to (can be null for global permissions)group- The group to look up the permission for- Returns:
- true only if the group inherits the required permission and not has it directly, false otherwise
-
savePermission
Deprecated.Description copied from interface:SpacePermissionSaverSaves the permission, and generates aSpacePermissionSaveEventin the process.- Specified by:
savePermissionin interfaceSpacePermissionSaver
-
savePermission
Description copied from interface:SpacePermissionSaverInternalSaves the permission.May generate a
SpacePermissionSaveEventin the process, depending on the context.- Specified by:
savePermissionin interfaceSpacePermissionSaverInternal- Parameters:
permission- the permission to savecontext- the context for the save
-
saveSpacePermissions
public void saveSpacePermissions(@NonNull Space space, Collection<SpacePermission> spacePermissions, SpacePermissionContext context) Description copied from interface:SpacePermissionSaverInternalAdds space permissions to the space- Specified by:
saveSpacePermissionsin interfaceSpacePermissionSaverInternal- Parameters:
space- Space to which permissions should be grantedspacePermissions- Collection of space permissions. They should all belong to the same space.context- the context of the save
-
saveGlobalPermissions
public void saveGlobalPermissions(Collection<SpacePermission> spacePermissions, SpacePermissionContext context) Description copied from interface:SpacePermissionSaverInternalAdds global permissions- Specified by:
saveGlobalPermissionsin interfaceSpacePermissionSaverInternal- Parameters:
spacePermissions- Collection of global permissions.context- the context of the save
-