Package com.microsoft.jenkins.azuread
Interface AuthorizationContainer
- All Known Subinterfaces:
AuthorizationProperty
- All Known Implementing Classes:
AuthorizationMatrixNodeProperty
,AuthorizationMatrixProperty
,AuthorizationMatrixProperty
,AzureAdAuthorizationMatrixFolderProperty
,AzureAdAuthorizationMatrixNodeProperty
,AzureAdAuthorizationMatrixProperty
,AzureAdMatrixAuthorizationStrategy
,GlobalMatrixAuthorizationStrategy
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class)
public interface AuthorizationContainer
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic class
static class
-
Field Summary
-
Method Summary
Modifier and TypeMethodDescriptiondefault void
add
(Permission permission, PermissionEntry entry) Adds togetGrantedPermissionEntries()
.default void
add
(Permission permission, String sid) Deprecated.default void
Works likeadd(Permission, PermissionEntry)
but takes both parameters from a single string of the formPERMISSION_ID:sid
(legacy format, implicit 'EITHER' type) ortype:PERMISSION_ID:sid
(new since 3.0).default List<PermissionEntry>
Deprecated.Since 3.0, use {getAllPermissionEntries()
} instead.Returns a live modifiable map of permissions.default Map<Permission,
Set<String>> Deprecated.Since 3.0, use {getGrantedPermissionEntries()
} instead.Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.default boolean
hasExplicitPermission
(PermissionEntry entry, Permission p) Return true if and only if the exact permission entry is explicitly granted the specified permission, ignoring compatible types (e.g.default boolean
hasExplicitPermission
(String sid, Permission p) Deprecated.default boolean
hasPermission
(String sid, Permission p) Deprecated.UsehasPermission(String, Permission, boolean)
instead.default boolean
hasPermission
(String sid, Permission p, boolean principal) Checks if the given SID has the given permission.static Permission
parsePermission
(String permission) void
recordGroup
(String sid) Internal only: Record use of a (possible) group sid to be later returned ingetGroups()
.
-
Field Details
-
LOGGER
-
-
Method Details
-
add
Deprecated.Since 3.0, useadd(Permission, PermissionEntry)
instead. -
add
Adds togetGrantedPermissionEntries()
. Use of this method should be limited during construction, as this object itself is considered immutable once populated.- Since:
- 3.0
-
getGrantedPermissions
Deprecated.Since 3.0, use {getGrantedPermissionEntries()
} instead.Returns all the (Permission, sid) tuples where permissions are granted to either groups or users. This does NOT include permissions granted specifically to users or groups (added in 3.0).- Returns:
- read-only. never null.
-
getGrantedPermissionEntries
Map<Permission,Set<PermissionEntry>> getGrantedPermissionEntries()Returns a live modifiable map of permissions. This return value needs to be treated as unmodifiable from shortly after object construction (even though it isn't for practical reasons).- Since:
- 3.0
-
getGroups
Internal only: Returns all recorded (possible) group sids to allow populatingAuthorizationStrategy.getGroups()
.- Since:
- 3.0
-
recordGroup
Internal only: Record use of a (possible) group sid to be later returned ingetGroups()
. -
getDescriptor
Descriptor getDescriptor() -
add
Works likeadd(Permission, PermissionEntry)
but takes both parameters from a single string of the formPERMISSION_ID:sid
(legacy format, implicit 'EITHER' type) ortype:PERMISSION_ID:sid
(new since 3.0).The supported formats for
PERMISSION_ID
are:- Internal ID:
hudson.model.Hudson.ADMINISTER
- UI short form:
Overall/Administer
- See Also:
-
Permission.fromId(String)
PermissionFinder
- Internal ID:
-
parsePermission
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) static Permission parsePermission(String permission) -
getEditingPermission
-
getAllSIDs
Deprecated.Since 3.0, use {getAllPermissionEntries()
} instead.Returns SIDs configured in this matrix with 'either' (legacy pre-3.0) type, minus "anonymous". This does NOT include permissions granted specifically to users or groups (new in 3.0).- Returns:
- Always non-null.
-
getAllPermissionEntries
-
hasPermission
Deprecated.UsehasPermission(String, Permission, boolean)
instead.Checks if the given SID has the given permission. -
hasPermission
Checks if the given SID has the given permission. -
hasExplicitPermission
Deprecated.Checks if the permission is explicitly given, instead of implied throughPermission.impliedBy
. -
hasExplicitPermission
Return true if and only if the exact permission entry is explicitly granted the specified permission, ignoring compatible types (e.g. passing USER will not match an EITHER entry) and implications.- Parameters:
entry
- the entry to check forp
- the permission to check for- Returns:
- true if and only if the exact entry matches
- Since:
- 3.0
-
add(Permission, PermissionEntry)
instead.