Package com.microsoft.jenkins.azuread
Interface AuthorizationContainer
-
- All Known Subinterfaces:
AuthorizationProperty
- All Known Implementing Classes:
AuthorizationMatrixNodeProperty
,AuthorizationMatrixProperty
,AuthorizationMatrixProperty
,AzureAdAuthorizationMatrixFolderProperty
,AzureAdAuthorizationMatrixNodeProperty
,AzureAdAuthorizationMatrixProperty
,AzureAdMatrixAuthorizationStrategy
,GlobalMatrixAuthorizationStrategy
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public interface AuthorizationContainer
-
-
Nested Class Summary
Nested Classes Modifier and Type Interface Description static class
AuthorizationContainer.IdStrategyComparator
static class
AuthorizationContainer.PermissionEntryComparator
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Default Methods Deprecated Methods Modifier and Type Method Description default void
add(Permission permission, PermissionEntry entry)
Adds togetGrantedPermissionEntries()
.default void
add(Permission permission, String sid)
Deprecated.Since 3.0, useadd(Permission, PermissionEntry)
instead.default void
add(String shortForm)
Works likeadd(Permission, PermissionEntry)
but takes both parameters from a single string of the formPERMISSION_ID:sid
(legacy format, implicit 'EITHER' type) ortype:PERMISSION_ID:sid
(new since 3.0).default List<PermissionEntry>
getAllPermissionEntries()
default List<String>
getAllSIDs()
Deprecated.Since 3.0, use {getAllPermissionEntries()
} instead.Descriptor
getDescriptor()
Permission
getEditingPermission()
Map<Permission,Set<PermissionEntry>>
getGrantedPermissionEntries()
Returns a live modifiable map of permissions.default Map<Permission,Set<String>>
getGrantedPermissions()
Deprecated.Since 3.0, use {getGrantedPermissionEntries()
} instead.Set<String>
getGroups()
Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.default boolean
hasExplicitPermission(PermissionEntry entry, Permission p)
Return true if and only if the exact permission entry is explicitly granted the specified permission, ignoring compatible types (e.g.default boolean
hasExplicitPermission(String sid, Permission p)
Deprecated.default boolean
hasPermission(String sid, Permission p)
Deprecated.UsehasPermission(String, Permission, boolean)
instead.default boolean
hasPermission(String sid, Permission p, boolean principal)
Checks if the given SID has the given permission.static Permission
parsePermission(String permission)
void
recordGroup(String sid)
Internal only: Record use of a (possible) group sid to be later returned ingetGroups()
.
-
-
-
Field Detail
-
LOGGER
static final Logger LOGGER
-
-
Method Detail
-
add
@Deprecated default void add(Permission permission, String sid)
Deprecated.Since 3.0, useadd(Permission, PermissionEntry)
instead.
-
add
default void add(Permission permission, PermissionEntry entry)
Adds togetGrantedPermissionEntries()
. Use of this method should be limited during construction, as this object itself is considered immutable once populated.- Since:
- 3.0
-
getGrantedPermissions
@Deprecated default Map<Permission,Set<String>> getGrantedPermissions()
Deprecated.Since 3.0, use {getGrantedPermissionEntries()
} instead.Returns all the (Permission, sid) tuples where permissions are granted to either groups or users. This does NOT include permissions granted specifically to users or groups (added in 3.0).- Returns:
- read-only. never null.
-
getGrantedPermissionEntries
Map<Permission,Set<PermissionEntry>> getGrantedPermissionEntries()
Returns a live modifiable map of permissions. This return value needs to be treated as unmodifiable from shortly after object construction (even though it isn't for practical reasons).- Since:
- 3.0
-
getGroups
Set<String> getGroups()
Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.- Since:
- 3.0
-
recordGroup
void recordGroup(String sid)
Internal only: Record use of a (possible) group sid to be later returned ingetGroups()
.
-
getDescriptor
Descriptor getDescriptor()
-
add
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) default void add(String shortForm)
Works likeadd(Permission, PermissionEntry)
but takes both parameters from a single string of the formPERMISSION_ID:sid
(legacy format, implicit 'EITHER' type) ortype:PERMISSION_ID:sid
(new since 3.0).The supported formats for
PERMISSION_ID
are:- Internal ID:
hudson.model.Hudson.ADMINISTER
- UI short form:
Overall/Administer
- See Also:
Permission.fromId(String)
,PermissionFinder
- Internal ID:
-
parsePermission
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) static Permission parsePermission(String permission)
-
getEditingPermission
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) Permission getEditingPermission()
-
getAllSIDs
@Deprecated default List<String> getAllSIDs()
Deprecated.Since 3.0, use {getAllPermissionEntries()
} instead.Returns SIDs configured in this matrix with 'either' (legacy pre-3.0) type, minus "anonymous". This does NOT include permissions granted specifically to users or groups (new in 3.0).- Returns:
- Always non-null.
-
getAllPermissionEntries
default List<PermissionEntry> getAllPermissionEntries()
-
hasPermission
@Deprecated default boolean hasPermission(String sid, Permission p)
Deprecated.UsehasPermission(String, Permission, boolean)
instead.Checks if the given SID has the given permission.
-
hasPermission
default boolean hasPermission(String sid, Permission p, boolean principal)
Checks if the given SID has the given permission.
-
hasExplicitPermission
@Deprecated default boolean hasExplicitPermission(String sid, Permission p)
Deprecated.Checks if the permission is explicitly given, instead of implied throughPermission.impliedBy
.
-
hasExplicitPermission
default boolean hasExplicitPermission(PermissionEntry entry, Permission p)
Return true if and only if the exact permission entry is explicitly granted the specified permission, ignoring compatible types (e.g. passing USER will not match an EITHER entry) and implications.- Parameters:
entry
- the entry to check forp
- the permission to check for- Returns:
- true if and only if the exact entry matches
- Since:
- 3.0
-
-