Jive Forums API (5.5.20.2-oracle) Core Javadocs

com.jivesoftware.base
Interface PermissionsManager


public interface PermissionsManager

Manages permissions for users and groups on a particular resource.

This class is only intended for administrative purposes, and should not be used by skin authors to check the permissions for individual users. For example, to check if a particular user is authorized to post messages in a forum, the proper code snippet is as follows:

 Forum forum = factory.getForum(1);
 boolean canPost = forum.isAuthorized(ForumPermissions.CREATE_MESSAGE);
 

When adding or removing permissions using this class a permissionType of PermissionType.ADDITIVE or PermissionType.NEGATIVE is required to indicate whether the permission should be 'additive' or 'negative'. Additive permissions indicate that if the permission has been already set in a parent object, it will be inherited by the object and all child objects. Negative permissions on the other hand can be thought of as 'blocking' a permission from being inherited by the object and all child objects.

Two modes for group permission checking are provided:

To enable the alternate mode set the Jive property PermissionsManager.useAltGroupMode to true by adding the following to the jive configuration:

<PermissionsManager><useAltGroupMode>true</useAltGroupMode></PermissionsManager>


Method Summary
 void addAnonymousUserPermission(PermissionType permissionType, long permission)
          Add a permission of the specified PermissionType for anonymous users.
 void addGroupPermission(Group group, PermissionType permissionType, long permission)
          Grants a group a particular permission.
 void addRegisteredUserPermission(PermissionType permissionType, long permission)
          Add a permission of the specified PermissionType for registered users.
 void addUserPermission(User user, PermissionType permissionType, long permission)
          Add a permission of the specified PermissionType for the specified user.
 boolean anonymousUserHasPermission(PermissionType permissionType, long permission)
          Returns true if the anonymous users have a particular permission.
 java.util.Iterator groupsWithPermission(PermissionType permissionType, long permission)
          Returns an Iterator of groups with a particular permission.
 int groupsWithPermissionCount(PermissionType permissionType, long permission)
          Returns a count of the groups that have a particular permission.
 void permissionModificationDetected()
          Is called when a permission is modified.
 boolean registeredUserHasPermission(PermissionType permissionType, long permission)
          Returns true if registered users have a particular permission.
 void removeAllGroupPermissions(PermissionType permissionType)
          Revokes all group permissions.
 void removeAllUserPermissions(PermissionType permissionType)
          Removes all user permissions.
 void removeAnonymousUserPermission(PermissionType permissionType, long permission)
          Removes a permission of the specified PermissionType for anonymous users.
 void removeGroupPermission(Group group, PermissionType permissionType, long permission)
          Removes a permission of the specified PermissionType for a group.
 void removeRegisteredUserPermission(PermissionType permissionType, long permission)
          Removes a permission of the specified PermissionType for registered users.
 void removeUserPermission(User user, PermissionType permissionType, long permission)
          Removes a permission of the specified PermissionType for the specified user.
 java.util.Iterator usersWithPermission(PermissionType permissionType, long permission)
          Returns all the userID's of users with a particular permission.
 int usersWithPermissionCount(PermissionType permissionType, long permission)
          Returns a count of the users that have a particular permission.
 

Method Detail

addUserPermission

void addUserPermission(User user,
                       PermissionType permissionType,
                       long permission)
                       throws UnauthorizedException
Add a permission of the specified PermissionType for the specified user. Only category or system administrators can assign permissions to a category, and only system admins can assign system level and category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
user - the User to add a permission to.
permissionType - the type of permission to add.
permission - the permission to add.
Throws:
UnauthorizedException - if does not have proper admin permissions.

addAnonymousUserPermission

void addAnonymousUserPermission(PermissionType permissionType,
                                long permission)
                                throws UnauthorizedException
Add a permission of the specified PermissionType for anonymous users. Any registered user automatically inherits any anonymous user permissions. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
permissionType - the type of permission to add.
permission - the permission to add.
Throws:
UnauthorizedException - if does not have proper admin permissions.

addRegisteredUserPermission

void addRegisteredUserPermission(PermissionType permissionType,
                                 long permission)
                                 throws UnauthorizedException
Add a permission of the specified PermissionType for registered users. "Registered Users" does not refer to the static current list of users. Instead, it dynamically matches to any member of the user database. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
permissionType - the type of permission to add.
permission - the permission to add.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeUserPermission

void removeUserPermission(User user,
                          PermissionType permissionType,
                          long permission)
                          throws UnauthorizedException
Removes a permission of the specified PermissionType for the specified user. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
user - the User to remove a permission from.
permissionType - the type of permission to remove.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeAnonymousUserPermission

void removeAnonymousUserPermission(PermissionType permissionType,
                                   long permission)
                                   throws UnauthorizedException
Removes a permission of the specified PermissionType for anonymous users. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
permissionType - the type of permission to remove.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeRegisteredUserPermission

void removeRegisteredUserPermission(PermissionType permissionType,
                                    long permission)
                                    throws UnauthorizedException
Removes a permission of the specified PermissionType for registered users. "Registered Users" does not refer to the static current list of users. Instead, it dynamically matches to any member of the user database. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
permissionType - the type of permission to remove.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeAllUserPermissions

void removeAllUserPermissions(PermissionType permissionType)
                              throws UnauthorizedException
Removes all user permissions. Only system administrators can call this method.

Parameters:
permissionType - the type of permissions to remove.
Throws:
UnauthorizedException - if not a system admin.

anonymousUserHasPermission

boolean anonymousUserHasPermission(PermissionType permissionType,
                                   long permission)
Returns true if the anonymous users have a particular permission.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
true if anonymous users have the specified permission.

registeredUserHasPermission

boolean registeredUserHasPermission(PermissionType permissionType,
                                    long permission)
Returns true if registered users have a particular permission. "Registered Users" does not refer to the static current list of users. Instead, it dynamically matches to any member of the user database.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
true if all registered users have the specified permission.

usersWithPermission

java.util.Iterator usersWithPermission(PermissionType permissionType,
                                       long permission)
Returns all the userID's of users with a particular permission. This list does not include the special "anonymous users" and "registered users" permission types. This method is not the normal method for determining if a user has a certain permission on an object in the system; instead it is only useful for permission management. For example, to check if a user has read access on a knowledge base category, simply call category.isAuthorized(KbPermissions.READ_ENTRY), where category is the category you want to check perms on.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
an Iterator of all the users with the specified permission.

usersWithPermissionCount

int usersWithPermissionCount(PermissionType permissionType,
                             long permission)
Returns a count of the users that have a particular permission. This list does not include the special "anonymous users" and "registered users" permission types.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
a count of the users that have a particular permission.

addGroupPermission

void addGroupPermission(Group group,
                        PermissionType permissionType,
                        long permission)
                        throws UnauthorizedException
Grants a group a particular permission. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
group - the group to grant a permission to.
permissionType - the type of permission to add.
permission - the permission to grant the group.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeGroupPermission

void removeGroupPermission(Group group,
                           PermissionType permissionType,
                           long permission)
                           throws UnauthorizedException
Removes a permission of the specified PermissionType for a group. Only category or system administrators can assign permissions to a category, and only system admins can assign category administration permissions. If this permissions context is at the system level, only system admins can call this method.

Parameters:
group - the group to remove the permission from.
permissionType - the type of permission to remove.
permission - the permission to remove.
Throws:
UnauthorizedException - if does not have proper admin permissions.

removeAllGroupPermissions

void removeAllGroupPermissions(PermissionType permissionType)
                               throws UnauthorizedException
Revokes all group permissions. Only system admins can call this method.

Parameters:
permissionType - the type of permissions to remove.
Throws:
UnauthorizedException - if not a system admin.

groupsWithPermission

java.util.Iterator groupsWithPermission(PermissionType permissionType,
                                        long permission)
Returns an Iterator of groups with a particular permission.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
an Iterator of all the groups with the specified permission.

groupsWithPermissionCount

int groupsWithPermissionCount(PermissionType permissionType,
                              long permission)
Returns a count of the groups that have a particular permission.

Parameters:
permissionType - the type of permission to check.
permission - the permission to check.
Returns:
a count of the groups that have a particular permission.

permissionModificationDetected

void permissionModificationDetected()
Is called when a permission is modified.


Jive Forums Project Page

Copyright © 1999-2006 Jive Software.