Class AuthUtil
- java.lang.Object
-
- jetbrains.buildServer.serverSide.auth.AuthUtil
-
public class AuthUtil extends Object
-
-
Field Summary
Fields Modifier and Type Field Description static Permission[]ADMIN_ZONE_PERMISSIONSstatic StringTEAMCITY_AGENTS_PER_PROJECT_USER_ACCESS_ENABLED
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static booleanadminSpaceAvailable(AuthorityHolder authorityHolder)Returns true if authority holder has at least one permission allowing him to access administration spacestatic booleancanAdministerAgent(AuthorityHolder authorityHolder, SBuildAgent agent)Returns true if authority holder can administer the specified agentstatic booleancanAdministerAgents(AuthorityHolder authorityHolder)Returns true if authority holder can administer at least one agentstatic booleancanViewAgentDetails(AuthorityHolder authorityHolder, SBuildAgent agent)static booleancanViewAnyRoleScope(AuthorityHolder authorityHolder, Collection<RoleScope> roleScopes)static booleancanViewUserProfile(AuthorityHolder authorityHolder, SUser user)Checks whether authority holder can access user profile data (email and properties).static booleangroupManagementAvailable(AuthorityHolder authorityHolder)Returns true if group management interface is availablestatic booleanhasFileContentAccess(AuthorityHolder authorityHolder, SVcsModification modification)Returns true if authority holder has view file content access to any build configuration related to specified modification, or any build configuration related to any duplicate of specified modificationstatic booleanhasGlobalOrPoolProjectsPermission(AuthorityHolder authorityHolder, AgentPool agentPool, Permission globalPermission, Permission projectPermission)returns true if specified authority holder has specific permission globally or for supplied all projects.static booleanhasGlobalPermission(AuthorityHolder authorityHolder, Permission permission)Returns true if specified authority holder has specified global permissionstatic booleanhasGlobalPermissionToViewAllAgentPools(AuthorityHolder authHolder)Returns true if the current authority holder has some global permissions which allow to view all agent poolsstatic booleanhasPermissionToAuthorizeAgentsInPool(AuthorityHolder authorityHolder, AgentPool agentPool)Checks whether specified authority holder can authorize or unauthorize agents in the given pool.static booleanhasPermissionToEditModification(AuthorityHolder authHolder, SVcsModification modification)static booleanhasPermissionToEditVcsRoot(AuthorityHolder authHolder, SVcsRoot vcsRoot)Checks whether specified authority holder can edit VCS rootstatic booleanhasPermissionToEnableAgentsInPool(AuthorityHolder authorityHolder, AgentPool agentPool)Checks whether specified authority holder can enable or disable agents in the given pool.static booleanhasPermissionToManageAgentPoolsWithProject(AuthorityHolder authHolder, String projectId)Checks whether specified authority holder can manage agent pool-project association for the specified project.static booleanhasPermissionToManageAgentPoolsWithProjects(AuthorityHolder authHolder, Collection<String> projects)Checks whether specified authority holder can manage agent pools the given projects are associated with.static booleanhasPermissionToManageAllAgentPoolProjectAssociations(AuthorityHolder authHolder)Checks whether specified authority holder can manage agent pool-project associations for all pools.static booleanhasPermissionToManageAllProjects(AuthorityHolder authHolder)Checks whether specified authority holder can manage all projects.static booleanhasPermissionToManageProject(AuthorityHolder authHolder, String projectInternalId)Checks whether specified authority holder can manage the given project.static booleanhasPermissionToManageProjects(AuthorityHolder authHolder, Collection<String> projects)Checks whether specified authority holder can manage all the given projects.static booleanhasPermissionToRemoveBuild(AuthorityHolder authorityHolder, BuildPromotion promotion)Returns true if authority holder has permissions to remove build associated with specified buildPromotionstatic booleanhasPermissionToStopBuild(AuthorityHolder authorityHolder, BuildPromotion promotion)Returns true if authority holder has permissions to stop build associated with the specified promotionstatic booleanhasPermissionToViewAgentDetailsAccessibleForProjects(AuthorityHolder authorityHolder, Collection<String> projectIds)Checks whether specified authority holder can view details of agents from pools the given projects are associated with.static booleanhasPermissionToViewAgentDetailsInPool(AuthorityHolder authorityHolder, AgentPool agentPool)Checks whether specified authority holder can view details of agent placed in the given pool.static booleanhasPermissionToViewAgentPool(AuthorityHolder authHolder, AgentPool agentPool)Checks whether specified authority holder can view agents placed in the given pool.static booleanhasProjectPermission(AuthorityHolder authorityHolder, String projectId, Permission permission)Returns true if specified authority holder has specified permission in specified projectstatic booleanhasReadAccessTo(AuthorityHolder authorityHolder, String projectId)Returns true if authority holder has read access to a project with specified idstatic booleanhasReadAccessTo(AuthorityHolder authorityHolder, Build build)Returns true if authority holder has read access to build projectstatic booleanhasReadAccessTo(AuthorityHolder authorityHolder, BuildTypeDescriptor buildType)Returns true if authority holder has read access to build configuration projectstatic booleanhasReadAccessTo(AuthorityHolder authorityHolder, SVcsModification modification)Returns true if authority holder has read access to the specified VCS modification (has read access to at least one build configuration where this modification appeared)static booleanhasReadAccessTo(AuthorityHolder authorityHolder, SVcsRoot vcsRoot)Returns true if authority holder has read access to the specified VCS rootstatic booleanhasReadAccessTo(AuthorityHolder authorityHolder, VcsRootInstance vcsRoot)Returns true if authority holder has read access to the specified VCS rootstatic booleanhasReadAccessToAnyOfProjects(AuthorityHolder authorityHolder, Collection<String> projectIds)Returns true if authority holder has read access to a project with specified idstatic booleanisSystemAdmin(AuthorityHolder authHolder)Deprecated.Use permissions check (eghasGlobalPermission(AuthorityHolder, Permission)toPermission.CHANGE_SERVER_SETTINGS)static booleanuserManagementAvailable(AuthorityHolder authorityHolder)Returns true if user & group management interfaces are available
-
-
-
Field Detail
-
TEAMCITY_AGENTS_PER_PROJECT_USER_ACCESS_ENABLED
public static final String TEAMCITY_AGENTS_PER_PROJECT_USER_ACCESS_ENABLED
- See Also:
- Constant Field Values
-
ADMIN_ZONE_PERMISSIONS
public static final Permission[] ADMIN_ZONE_PERMISSIONS
-
-
Method Detail
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull String projectId)Returns true if authority holder has read access to a project with specified id- Parameters:
authorityHolder- authority holderprojectId- project id- Returns:
- true if authority holder has read access to project
-
hasReadAccessToAnyOfProjects
public static boolean hasReadAccessToAnyOfProjects(@NotNull AuthorityHolder authorityHolder, @NotNull Collection<String> projectIds)Returns true if authority holder has read access to a project with specified id- Parameters:
authorityHolder- authority holderprojectIds- project ids- Returns:
- true if authority holder has read access to project
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull BuildTypeDescriptor buildType)Returns true if authority holder has read access to build configuration project- Parameters:
authorityHolder- authority holderbuildType- build configuration- Returns:
- true if authority holder has read access to build configuration project
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull Build build)Returns true if authority holder has read access to build project- Parameters:
authorityHolder- authority holderbuild- build- Returns:
- true if authority holder has read access to build project
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull VcsRootInstance vcsRoot)Returns true if authority holder has read access to the specified VCS root- Parameters:
authorityHolder- authority holdervcsRoot- vcs root- Returns:
- true if authority holder has read access to the specified VCS root
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull SVcsRoot vcsRoot)Returns true if authority holder has read access to the specified VCS root- Parameters:
authorityHolder- authority holdervcsRoot- vcs root- Returns:
- true if authority holder has read access to the specified VCS root
-
hasReadAccessTo
public static boolean hasReadAccessTo(@NotNull AuthorityHolder authorityHolder, @NotNull SVcsModification modification)Returns true if authority holder has read access to the specified VCS modification (has read access to at least one build configuration where this modification appeared)- Parameters:
authorityHolder- authority holdermodification- VCS modification- Returns:
- see above
-
hasFileContentAccess
public static boolean hasFileContentAccess(@NotNull AuthorityHolder authorityHolder, @NotNull SVcsModification modification)Returns true if authority holder has view file content access to any build configuration related to specified modification, or any build configuration related to any duplicate of specified modification- Parameters:
authorityHolder- authority holdermodification- VCS modification- Returns:
- see above
-
adminSpaceAvailable
public static boolean adminSpaceAvailable(@NotNull AuthorityHolder authorityHolder)Returns true if authority holder has at least one permission allowing him to access administration space- Parameters:
authorityHolder- authority holder- Returns:
- see above
-
hasGlobalPermission
public static boolean hasGlobalPermission(@NotNull AuthorityHolder authorityHolder, @NotNull Permission permission)Returns true if specified authority holder has specified global permission- Parameters:
authorityHolder- authority holderpermission- permission- Returns:
- see above
-
hasProjectPermission
public static boolean hasProjectPermission(@NotNull AuthorityHolder authorityHolder, @NotNull String projectId, @NotNull Permission permission)Returns true if specified authority holder has specified permission in specified project- Parameters:
authorityHolder- authority holderprojectId- project internal idpermission- permission- Returns:
- see above
- Since:
- 2017.1
-
hasGlobalOrPoolProjectsPermission
public static boolean hasGlobalOrPoolProjectsPermission(@NotNull AuthorityHolder authorityHolder, @NotNull AgentPool agentPool, @NotNull Permission globalPermission, @NotNull Permission projectPermission)returns true if specified authority holder has specific permission globally or for supplied all projects.- Parameters:
authorityHolder- authority holderagentPool- agent poolglobalPermission- global permissionprojectPermission- corresponding project-level permission- Returns:
- see above
-
hasPermissionToStopBuild
public static boolean hasPermissionToStopBuild(@NotNull AuthorityHolder authorityHolder, @NotNull BuildPromotion promotion)Returns true if authority holder has permissions to stop build associated with the specified promotion- Parameters:
authorityHolder- authority holderpromotion- promotion associated with build- Returns:
- see above
-
hasPermissionToRemoveBuild
public static boolean hasPermissionToRemoveBuild(@NotNull AuthorityHolder authorityHolder, @NotNull BuildPromotion promotion)Returns true if authority holder has permissions to remove build associated with specified buildPromotion- Parameters:
authorityHolder- authority holderpromotion- promotion associated with build- Returns:
- see above
-
userManagementAvailable
public static boolean userManagementAvailable(@NotNull AuthorityHolder authorityHolder)Returns true if user & group management interfaces are available- Parameters:
authorityHolder- authority holder- Returns:
- see above
-
groupManagementAvailable
public static boolean groupManagementAvailable(@NotNull AuthorityHolder authorityHolder)Returns true if group management interface is available- Parameters:
authorityHolder- authority holder- Returns:
- true if group management interface is available
-
hasPermissionToEditVcsRoot
public static boolean hasPermissionToEditVcsRoot(@NotNull AuthorityHolder authHolder, @NotNull SVcsRoot vcsRoot)Checks whether specified authority holder can edit VCS root
-
hasPermissionToManageProject
public static boolean hasPermissionToManageProject(@NotNull AuthorityHolder authHolder, @NotNull String projectInternalId)Checks whether specified authority holder can manage the given project.- Parameters:
authHolder- authority holder.projectInternalId- project internal id- Returns:
- true if he/she can manage the project.
- Since:
- 7.0
-
hasPermissionToManageProjects
public static boolean hasPermissionToManageProjects(@NotNull AuthorityHolder authHolder, @NotNull Collection<String> projects)Checks whether specified authority holder can manage all the given projects.- Parameters:
authHolder- authority holder.projects- identifiers of projects to check.- Returns:
- true if he/she can manage each project in the collection; false if he/she cannot manage at least one given project; if collection is empty the result is whether he/she can manage all projects in the system.
- Since:
- 7.0
-
hasPermissionToManageAgentPoolsWithProject
public static boolean hasPermissionToManageAgentPoolsWithProject(@NotNull AuthorityHolder authHolder, @NotNull String projectId)Checks whether specified authority holder can manage agent pool-project association for the specified project.- Parameters:
authHolder- authority holder.projectId- identifiers of project to check.- Returns:
- can manage.
- Since:
- 7.0
- See Also:
hasPermissionToManageAgentPoolsWithProjects(jetbrains.buildServer.serverSide.auth.AuthorityHolder, java.util.Collection<java.lang.String>),hasPermissionToManageAllAgentPoolProjectAssociations(jetbrains.buildServer.serverSide.auth.AuthorityHolder)
-
hasPermissionToManageAgentPoolsWithProjects
public static boolean hasPermissionToManageAgentPoolsWithProjects(@NotNull AuthorityHolder authHolder, @NotNull Collection<String> projects)Checks whether specified authority holder can manage agent pools the given projects are associated with. Really, it checks that the user has MANAGE_AGENT_POOLS_FOR_PROJECT for each given project or globally, or MANAGE_AGENT_POOLS globally- Parameters:
authHolder- authority holder.projects- identifiers of projects to check.- Returns:
- can manage.
- Since:
- 7.0
- See Also:
hasPermissionToManageAgentPoolsWithProject(jetbrains.buildServer.serverSide.auth.AuthorityHolder, java.lang.String),hasPermissionToManageAllAgentPoolProjectAssociations(jetbrains.buildServer.serverSide.auth.AuthorityHolder)
-
hasPermissionToViewAgentDetailsAccessibleForProjects
public static boolean hasPermissionToViewAgentDetailsAccessibleForProjects(@NotNull AuthorityHolder authorityHolder, @NotNull Collection<String> projectIds)Checks whether specified authority holder can view details of agents from pools the given projects are associated with.- Parameters:
authorityHolder- authority holder.projectIds- identifiers of projects to check.- Returns:
- can view.
- Since:
- 2018.1
-
hasPermissionToViewAgentPool
public static boolean hasPermissionToViewAgentPool(@NotNull AuthorityHolder authHolder, @NotNull AgentPool agentPool)Checks whether specified authority holder can view agents placed in the given pool.- Parameters:
authHolder- authority holder.agentPool- pool to check.- Returns:
- can view agents.
- Since:
- 2018.1
-
hasGlobalPermissionToViewAllAgentPools
public static boolean hasGlobalPermissionToViewAllAgentPools(@NotNull AuthorityHolder authHolder)Returns true if the current authority holder has some global permissions which allow to view all agent pools- Parameters:
authHolder- authority holder- Returns:
- see above
- Since:
- 2024.03
-
hasPermissionToViewAgentDetailsInPool
public static boolean hasPermissionToViewAgentDetailsInPool(@NotNull AuthorityHolder authorityHolder, @NotNull AgentPool agentPool)Checks whether specified authority holder can view details of agent placed in the given pool.- Parameters:
authorityHolder- authority holder.agentPool- pool to check.- Returns:
- can view agent details.
- Since:
- 2018.1
-
hasPermissionToAuthorizeAgentsInPool
public static boolean hasPermissionToAuthorizeAgentsInPool(@NotNull AuthorityHolder authorityHolder, @NotNull AgentPool agentPool)Checks whether specified authority holder can authorize or unauthorize agents in the given pool.- Parameters:
authorityHolder- authority holder.agentPool- pool to check.- Returns:
- can authorize/unauthorize agents.
- Since:
- 2021.2
-
hasPermissionToEnableAgentsInPool
public static boolean hasPermissionToEnableAgentsInPool(@NotNull AuthorityHolder authorityHolder, @NotNull AgentPool agentPool)Checks whether specified authority holder can enable or disable agents in the given pool.- Parameters:
authorityHolder- authority holder.agentPool- pool to check.- Returns:
- can enable/disable agents.
- Since:
- 2021.2
-
hasPermissionToManageAllAgentPoolProjectAssociations
public static boolean hasPermissionToManageAllAgentPoolProjectAssociations(@NotNull AuthorityHolder authHolder)Checks whether specified authority holder can manage agent pool-project associations for all pools.- Parameters:
authHolder- authority holder.- Returns:
- can manage.
- Since:
- 7.0
- See Also:
hasPermissionToManageAgentPoolsWithProject(jetbrains.buildServer.serverSide.auth.AuthorityHolder, java.lang.String),hasPermissionToManageAgentPoolsWithProjects(jetbrains.buildServer.serverSide.auth.AuthorityHolder, java.util.Collection<java.lang.String>)
-
hasPermissionToManageAllProjects
public static boolean hasPermissionToManageAllProjects(@NotNull AuthorityHolder authHolder)Checks whether specified authority holder can manage all projects.- Parameters:
authHolder- authority holder.- Returns:
- true if he/she can manage all projects.
- Since:
- 7.0
-
canViewUserProfile
public static boolean canViewUserProfile(@NotNull AuthorityHolder authorityHolder, @NotNull SUser user)Checks whether authority holder can access user profile data (email and properties).- Parameters:
authorityHolder- authority holderuser- user- Returns:
- true if access is allowed
- Since:
- 7.0
-
hasPermissionToEditModification
public static boolean hasPermissionToEditModification(AuthorityHolder authHolder, SVcsModification modification)
-
canViewAnyRoleScope
public static boolean canViewAnyRoleScope(@NotNull AuthorityHolder authorityHolder, @NotNull Collection<RoleScope> roleScopes)
-
isSystemAdmin
@Deprecated public static boolean isSystemAdmin(@NotNull AuthorityHolder authHolder)
Deprecated.Use permissions check (eghasGlobalPermission(AuthorityHolder, Permission)toPermission.CHANGE_SERVER_SETTINGS)Returns whether a specifiedauthHolderis a system admin (has system admin role).- Parameters:
authHolder- authority holder- Returns:
- true iff the authority holder is a system admin
-
canAdministerAgents
public static boolean canAdministerAgents(@NotNull AuthorityHolder authorityHolder)Returns true if authority holder can administer at least one agent- Parameters:
authorityHolder- authority holder- Returns:
- see above
- Since:
- 2017.1
-
canAdministerAgent
public static boolean canAdministerAgent(@NotNull AuthorityHolder authorityHolder, @NotNull SBuildAgent agent)Returns true if authority holder can administer the specified agent- Parameters:
authorityHolder- authority holderagent- agent- Returns:
- see above
- Since:
- 2017.1
-
canViewAgentDetails
public static boolean canViewAgentDetails(@NotNull AuthorityHolder authorityHolder, @NotNull SBuildAgent agent)
-
-