Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Stash 2.12 doWithPermission deprecation replacement

Alex Holtz
AlexH
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 15, 2014

Atlassian,

You've marked doWithPermission as deprecated in 2.12 (for removal in 4.0). Correct usage of the replacement is non-obvious to me. Are there any examples?

I'm partially thinking that because this is set for removal two major versions away maybe the replacement isn't actually ready yet?

Here's an example of functional usage of doWithPermission:

Page<Changeset> page = securityService.doWithPermission("My Hook", Permission.REPO_READ,
                    new UncheckedOperation<Page<Changeset>>() {
                        @Override
                        public Page<Changeset> perform() {
                            return commitService.getChangesetsBetween(request,pageRequest);
                        }
                    });

How would you implement this with the "withPermission" replacement?

Thanks,

-Alex

Watch
Like Alexey_Efimov likes this
226 views

2 answers

1 accepted

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

1 vote
Answer accepted
Alexey_Efimov
Alexey_Efimov
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 15, 2014 
private static PageProvider<PullRequest> search(final PullRequestService pullRequestService,
                                                    final SecurityService securityService) {
        return new PageProvider<PullRequest>() {
            @Override
            public Page<PullRequest> get(PageRequest request) {
                return securityService
                        .withPermissions(
                                EnumSet.of(Permission.REPO_READ, Permission.LICENSED_USER),
                                "Get all open pull requests in attempt to merge them")
                        .call(searchOp(pullRequestService, request));
            }
        };
    }

Something like this

View More Comments
Alex Holtz
AlexH
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 15, 2014

What's going on inside your "searchOp()" method? That seems to be the key part that has to do with the new "EscalatedSecurityContext" object defined as part of the new "withPermission" API call.

Like
Alexey_Efimov
Alexey_Efimov
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 16, 2014

It is simple static method with new UncheckedOperation:

private static Operation<Page<PullRequest>, RuntimeException> searchOp(final PullRequestService pullRequestService,
                                                                           final PageRequest pageRequest) {
        return new UncheckedOperation<Page<PullRequest>>() {
            @Override
            public Page<PullRequest> perform() {
                return pullRequestService.search(new PullRequestSearchRequest.Builder()
                                .state(PullRequestState.OPEN)
                                .order(PullRequestOrder.OLDEST)
                                .build(),
                        pageRequest
                );
            }
        };
    }

Like
Alex Holtz
AlexH
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 16, 2014

Very helpful, thank you.

Like
Reply
0 votes
Michael Heemskerk
Michael Heemskerk
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 16, 2014

Alex,

As Alexey suggested, the replacement functionality is to use the withPermission method to obtain an EscalatedSecurityContext. You can then use the call method to execute an Operation in the custom security context.

We've introduces EscalatedSecurityContext to allow you to:

  • create the EscalatedSecurityContext once and reuse it many times
  • do more advanced permission escalation (e.g. with REPO_READ on repo 1 and REPO_WRITE on repo2) without having to resort to nested calls of SecurityService.doX

The only reason we've decided to not remove the methods in 3.0 is that we're planning release 3.0 soon-ish and wanted to give plugin developers sufficient time to switch over to the new methods.

Hope that helps!

Cheers,

Michael

View More Comments
Alex Holtz
AlexH
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 16, 2014

This was helpful, thank you.

Like
Reply
Atlassian logo
Answers Developer Questions
TAGS
AUG Leaders

Atlassian Community Events

    See all events