hudson.security

Class FullControlOnceLoggedInAuthorizationStrategy

java.lang.Object

hudson.model.AbstractDescribableImpl<AuthorizationStrategy>

hudson.security.AuthorizationStrategy

hudson.security.FullControlOnceLoggedInAuthorizationStrategy

All Implemented Interfaces:

ExtensionPoint, Describable<AuthorizationStrategy>

public class FullControlOnceLoggedInAuthorizationStrategy
extends AuthorizationStrategy

AuthorizationStrategy that grants full-control to authenticated user and optionally read access to anonymous users

Author:

Kohsuke Kawaguchi

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	FullControlOnceLoggedInAuthorizationStrategy.DescriptorImpl

Nested classes/interfaces inherited from class hudson.security.AuthorizationStrategy

AuthorizationStrategy.Unsecured

Nested classes/interfaces inherited from interface hudson.ExtensionPoint

ExtensionPoint.LegacyInstancesAreScopedToHudson

Field Summary

Fields

Modifier and Type	Field and Description
static Descriptor<AuthorizationStrategy>	DESCRIPTOR Deprecated. as of 1.643 Inject descriptor via Inject.

Fields inherited from class hudson.security.AuthorizationStrategy

LIST, UNSECURED

Constructor Summary

Constructors

Constructor and Description
FullControlOnceLoggedInAuthorizationStrategy()

Method Summary

Modifier and Type	Method and Description
List<String>	getGroups() Returns the list of all group/role names used in this authorization strategy, and the ACL returned from the AuthorizationStrategy.getRootACL() method.
ACL	getRootACL() Returns the instance of ACL where all the other ACL instances for all the other model objects eventually delegate.
boolean	isAllowAnonymousRead() If true, anonymous read access will be allowed
void	setAllowAnonymousRead(boolean allowAnonymousRead)

Methods inherited from class hudson.security.AuthorizationStrategy

all, getACL, getACL, getACL, getACL, getACL, getACL, getACL, getACL

Methods inherited from class hudson.model.AbstractDescribableImpl

getDescriptor

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DESCRIPTOR

@Deprecated
 @Restricted(value=org.kohsuke.accmod.restrictions.NoExternalUse.class)
public static Descriptor<AuthorizationStrategy> DESCRIPTOR

Deprecated. as of 1.643 Inject descriptor via Inject.

Constructor Detail

FullControlOnceLoggedInAuthorizationStrategy

@DataBoundConstructor
public FullControlOnceLoggedInAuthorizationStrategy()

Method Detail

getRootACL

public ACL getRootACL()

Description copied from class: AuthorizationStrategy

Returns the instance of ACL where all the other ACL instances for all the other model objects eventually delegate.

IOW, this ACL will have the ultimate say on the access control.

Specified by:

getRootACL in class AuthorizationStrategy

getGroups

public List<String> getGroups()

Description copied from class: AuthorizationStrategy

Returns the list of all group/role names used in this authorization strategy, and the ACL returned from the AuthorizationStrategy.getRootACL() method.

This method is used by ContainerAuthentication to work around the servlet API issue that prevents us from enumerating roles that the user has.

If such enumeration is impossible, do the best to list as many as possible, then return it. In the worst case, just return an empty list. Doing so would prevent users from using role names as group names (see HUDSON-2716 for such one such report.)

Specified by:

getGroups in class AuthorizationStrategy

Returns:

never null.

isAllowAnonymousRead

public boolean isAllowAnonymousRead()

If true, anonymous read access will be allowed

setAllowAnonymousRead

@DataBoundSetter
public void setAllowAnonymousRead(boolean allowAnonymousRead)