Class Permission


public final class Permission extends Object
Permission, which represents activity that requires a security privilege.

Each permission is represented by a specific instance of Permission.

Kohsuke Kawaguchi
See Also:
  • Field Details


      public static final Comparator<Permission> ID_COMPARATOR
      Comparator that orders Permission objects based on their ID.
    • owner

      @NonNull public final Class owner
    • group

      @NonNull public final PermissionGroup group
    • name

      @NonNull public final String name
      Human readable ID of the permission.

      This name should uniquely determine a permission among its owner class. The name must be a valid Java identifier.

      The expected naming convention is something like "BrowseWorkspace".

    • description

      @CheckForNull public final org.jvnet.localizer.Localizable description
      Human-readable description of this permission. Used as a tooltip to explain this permission, so this message should be a couple of sentences long.

      If null, there will be no description text.

    • impliedBy

      @CheckForNull public final Permission impliedBy
      Bundled Permission that also implies this permission.

      This allows us to organize permissions in a hierarchy, so that for example we can say "view workspace" permission is implied by the (broader) "read" permission.

      The idea here is that for most people, access control based on such broad permission bundle is good enough, and those few that need finer control can do so.

    • enabled

      public boolean enabled
      Whether this permission is available for use.

      This allows us to dynamically enable or disable the visibility of permissions, so administrators can control the complexity of their permission matrix.


      @Deprecated public static final PermissionGroup HUDSON_PERMISSIONS
      since 2009-01-23. Access Jenkins.PERMISSIONS instead.

      @Deprecated public static final Permission HUDSON_ADMINISTER
      since 2009-01-23. Access Jenkins.ADMINISTER instead.
      Permission that represents the God-like access. Equivalent of Unix root.

      All permissions are eventually implied by this permission.

    • GROUP

      public static final PermissionGroup GROUP

      @Deprecated public static final Permission FULL_CONTROL
      since 2009-01-23. Use Jenkins.ADMINISTER.
      Historically this was separate from HUDSON_ADMINISTER but such a distinction doesn't make sense any more, so deprecated.
    • READ

      public static final Permission READ
      Generic read access.
    • WRITE

      public static final Permission WRITE
      Generic write access.
    • CREATE

      public static final Permission CREATE
      Generic create access.
    • UPDATE

      public static final Permission UPDATE
      Generic update access.
    • DELETE

      public static final Permission DELETE
      Generic delete access.

      public static final Permission CONFIGURE
      Generic configuration access.
  • Constructor Details

  • Method Details

    • isContainedBy

      public boolean isContainedBy(@NonNull PermissionScope s)
      Checks if this permission is contained in the specified scope, (either directly or indirectly.)
    • getId

      @NonNull public String getId()
      Returns the string representation of this Permission, which can be converted back to Permission via the fromId(String) method.

      This string representation is suitable for persistence.

      ID with the following format: permissionClass.permissionName
      See Also:
    • equals

      public boolean equals(Object o)
      equals in class Object
    • hashCode

      public int hashCode()
      hashCode in class Object
    • fromId

      @CheckForNull public static Permission fromId(@NonNull String id)
      Convert the ID representation into Permission object.
      null if the conversion failed.
      See Also:
    • toString

      public String toString()
      toString in class Object
    • setEnabled

      public void setEnabled(boolean enable)
    • getEnabled

      public boolean getEnabled()
    • getAll

      @NonNull public static List<Permission> getAll()
      Returns all the Permissions available in the system.
      always non-null. Read-only.