SecurityService.java example

Explorer
hudson.core-master
/*******************************************************************************
 *
 * Copyright (c) 2010-2011 Sonatype, Inc.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 *
 *
 *
 *
 *******************************************************************************/ 

package org.hudsonci.service;

import hudson.model.User;
import hudson.security.AccessControlled;
import hudson.security.Permission;

import java.util.concurrent.Callable;

import org.hudsonci.service.internal.SecurityServiceImpl;

import com.google.inject.ImplementedBy;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;

/**
 * Security services.
 *
 * @since 2.1.0
 */
@ImplementedBy(SecurityServiceImpl.class)
public interface SecurityService {

    /**
     * Check a Permission against {@link hudson.model.Hudson} for the current
     * user.
     *
     * @see hudson.model.Hudson#checkPermission(Permission)
     * @param permission the permission to check
     * @throws AccessDeniedException if access for the given permission is
     * denied
     */
    void checkPermission(Permission permission);

    /**
     * Check a Permission against an {@link AccessControlled} object in the
     * current security context. <p> Recommended to use this instead of checking
     * permission on the object directly. Consider this method a funnel for
     * access security.
     *
     * @param controlled the instance under control
     * @param permission the permission to check on the access controlled object
     */
    void checkPermission(AccessControlled controlled, Permission permission);

    /**
     * Check if a an {@link AccessControlled} instance will allow the current
     * security context the specified {@link Permission}. <p> Recommended to use
     * this instead of checking has permission on the object directly. Consider
     * this method a funnel for access security.
     *
     * @param controlled the instance under control
     * @param permission the permission to check on the access controlled object
     * @return true if current security context has the specified permission
     */
    boolean hasPermission(AccessControlled controlled, Permission permission);

    User getCurrentUser();

    User getUser(String id);

    User getUnknownUser();

    void runAs(Authentication auth, Runnable task);

    <T> T callAs(Authentication auth, Callable<T> task) throws Exception;

    <T> T callAs2(Authentication auth, Callable<T> task);
}