Package net.sf.basedb.core
Class SessionControl
java.lang.Object
net.sf.basedb.core.SessionControl
- All Implemented Interfaces:
AutoCloseable
- Direct Known Subclasses:
PluginSessionControl
,ServiceSessionControl
This class handles user sessions. Each instance is thread-safe and
can handle a single user at a time. This class is used
to create
DbControl
objects which are needed to access the
database.- Version:
- 2.0
- Author:
- Nicklas
- See Also:
- Last modified
- $Date: 2024-10-28 13:06:20 +0100 (Mon, 28 Oct 2024) $
-
Nested Class Summary
Modifier and TypeClassDescriptionprivate static class
private static class
Internal class to hold information about the logged in user.static class
Represents a main context for which a "current" subcontext can be assigned.private static class
Internal class to hold information about a settingstatic class
Class for storing temporary device information for a user that has been authenticated but before a device has been verified. -
Field Summary
Modifier and TypeFieldDescriptionprivate final SessionControl.ClientInfo
Information about theClientData
that created this SessionControl.private Map<String,
SessionControl.SettingInfo> Stores name and value fromClientDefaultSettingData
.private boolean
If the session control has been closed it can no longer be used.private final ThreadLocal<SessionControl.ClientInfo>
Information about the currentClientData
that checked out this SessionControl.private final Map<ContextKey,
ItemContext> Map for storing current contexts.private final Map<SessionControl.MainContext,
String> Current active subcontext names.Holds all createdDbControl
object, so we can close them if the user logs out.private final String
The id of the object.private int
private String
private long
The time of the last access to this object.private GeoLocation
Location of the remote IP.private boolean
private static final Logger
Log core events.private SessionControl.LoginInfo
Login information for the logged in user.private int
private String
private final String
The remote IP.Stores name and value of session settings.Temporary login information before a device is verified. -
Constructor Summary
ConstructorDescriptionSessionControl
(String id, String externalClientId, boolean failIfNoClient, String remoteId) Creates a newSessionControl
object.SessionControl
(String id, SessionControl parent, PluginDefinition plugin, Job job) Create a new session control object using another one as the template. -
Method Summary
Modifier and TypeMethodDescriptionprotected void
void
close()
Close this session control so it can't be used again.private SessionControl.LoginInfo
createLoginInfo
(Session session, UserData userData, String comment, boolean impersonated, AuthenticationMethod authenticationMethod, int deviceId) Create a LoginInfo object and load all information that it needs.void
deleteContext
(int contextId) Delete a context.int
deleteCurrentContexts
(Item itemType, boolean inMemory, boolean inDatabase) Delete all default contexts for the logged in user.int
Get the id of the active project, or 0 if no project is active.Get the name of the active project, or null if no project is active.Get the permissions that the logged in user has in the currently active project.Get the id of all active roles where the logged in user is a member.getAllCurrentContexts
(boolean inMemory, boolean inDatabase) Get a list with the current default contexts.(package private) int
getAllPermissions
(SharedData sharedData) (package private) int
getAllPermissions
(Item itemType, UserData owner, ItemKeyData itemKey, ProjectKeyData projectKey) Get the combined permissions for an item of the specified type, owned by the specified user and shared with the specified item and project keys.Get the id of all roles where the logged in user is a member.Get the method that was used to authenticate the currently logged in user.Get the value of theClientDefaultSetting
with the specified name.int
Get the id of theClient
application that created this SessionControl.Get the name of theClient
application that created this SessionControl.private ClientData
getClientWithExternalId
(String externalId) getContext
(int contextId) Load a context without making it the current context.getContextNames
(Item item) Same as:getContextNames(item, getCurrentSubcontext(item))
getContextNames
(Item item, String subContext) Get a list with the names of all named contexts for a given item and subcontext.int
Get the id of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.Get the name of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.getCurrentContext
(Item item) Same as:getCurrentContext(item, null, null)
.getCurrentContext
(Item item, String subContext) Same as:getCurrentContext(item, subContext, null)
.getCurrentContext
(Item item, String subContext, ItemContext defaultContext) Get the current context.getCurrentContext
(Item item, ItemContext defaultContext) Same as:getCurrentContext(item, null, defaultContext)
.Get the external id of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.int
Get the id of the current user session, or 0 if no user is logged in.Get the currently active subcontext for the item.getDefaultTransactionName
(String suffix) Generate a default transaction name with an optional suffix.int
Get the id of theUserDevice
in use.Get the name of theUserDevice
in use.Get the external id of theClient
application that created this SessionControl.Get the id of all friends to logged in user.Get the id of all groups where the logged in user is a member, directly or indirectly.getId()
Get the id of thisSessionControl
.Get the id of all inactive roles where the logged in user is a member.int
Get the id of theItemKey
that new items should be shared to according to the settings in the currently active project.Get the id of all item keys where the logged in user has read permission.getItemKeys
(Permission permission) Get the id of all item keys where the logged in user has the requested permission.int
getJobId()
Get the id of the job that is currently running with this session control.Get the name of the job that is currently running with this session control.getJobSessionControl
(Job job) Create a new session control for executing a job.long
Get the time this object last was accessed.Get the locale that is curently assigned to this session control.(package private) GeoLocation
getLocation
(AuthenticationMethod authMeth) int
Get the id of the logged in user, or 0 if no user is logged in.Get the login name of the currently logged in user.Get the name of the currently logged in user.getNamedContexts
(Item item) Get all named contexts that are owner by the logged in user.int
Get the id of the plug-in that is currently running with this session control.Get the name of the plug-in that is currently running with this session control.(package private) PluginPermission
getPluginPermissions
(Item itemType) Get all plugin-specific permissions for the specified item type.getPluginSessionControl
(PluginDefinition plugin, Job job) Create a new session control for executing a plugin.int
Get the id of theProjectKey
that can be used to share an item to the active project with full permission, or 0 if no project is active or the logged in user only has read permission to the active project.Get the id of all project keys where the logged in user has read permission.getProjectKeys
(Permission permission) Get the id of all project keys where the logged in user has the requested permission.(package private) int
getProjectPermission
(Project project) Get the id of all projects where the logged in user is a member, directly or indirectly.(package private) String
Get the remote id that was passed to theApplication.newSessionControl(String,String,String)
method when creating this object.(package private) int
getRolePermissions
(Item itemType) Get all role-based permissions for the specified type of items.getRoles()
Deprecated.<T> T
getSessionSetting
(String name) Get the value of a session setting with the specified name.(package private) int
getSharedPermissions
(ShareableData shareableData) Get the shared permissions for aShareableData
object.Get information about a device that is currently waiting to be verified.getUserClientSetting
(String name) Get the value of theUserClientSetting
with the specified name.getUserDefaultSetting
(String name) Get the value of theUserDefaultSetting
with the specified name.boolean
hasPermission
(Permission permission, Item itemType) Check if the logged in user has the specfied permission for all item of the specified type.boolean
hasSystemPermission
(Permission permission) Check if the logged in user has the specified system permission.impersonateLogin
(int userId, String comment) Log in as another user or create a clone of the currently logged in user's session.impersonateLogin
(Ownable item, String comment) Log in as the owner of the specified item.boolean
isAllowedToUseClient
(String externalClientId) Checks if this session control can be used by the given client application.boolean
isClosed()
If this session control has been closed or not.boolean
isDenied
(Permission permission, Item itemType) Check if the logged in user has been denied the specified permission for items of the specified type.boolean
isFriendOf
(User user) Check if the logged in user is a friend of of the specified user.boolean
Check if the logged in user was impersonated by another user.boolean
Checks if a user is logged in or not.boolean
isMemberOf
(Group group) Check if the logged in user is a member, directly or indirectly, of the specified group.boolean
isMemberOf
(Project project) Check if the logged in user is a member, directly or indirectly, of the specified project.boolean
isMemberOf
(Role role) Check if the logged in user is a member of the specified role.boolean
isRoleInactive
(int roleId) Is the given role inactive or not?private Map<String,
SessionControl.SettingInfo> listToMap
(List<? extends SettingData> settings) Copy settings from a List to a Map.private Map<String,
SessionControl.SettingInfo> loadClientDefaultSettings
(Session session, int clientId) Load client applications default settings.loadContext
(int contextId) Load a context and make it the current context.loadContext
(int contextId, boolean copyTemporaryObjects) Load a context and make it the current context, optionally copying temporary filters and objects from the current context to the loaded context.private ItemContext
loadContextInternal
(int contextId) Load a context with the specified ID.private ItemContext
loadContextInternal
(Item item, String subContext, String name) Load a named context.private UserDeviceData
loadDevice
(Session session, LoginRequest loginRequest, AuthenticatedUser authUser) Verify the device the user is using.private Map<String,
SessionControl.SettingInfo> loadUserClientSettings
(Session session, int userId, int clientId) Load users client-specific settings.private Map<String,
SessionControl.SettingInfo> loadUserDefaultSettings
(Session session, int userId) Load users default settings.void
login
(LoginRequest loginRequest) Log in to BASE.(package private) void
void
logout()
Log out of BASE.Create a newDbControl
object for this session.newDbControl
(String name) Create a new nameDbControl
object for this session.void
Tell the core to reload the logged in users permission the next time the client application needs to check the permissions.void
reloadSettings
(boolean onlyClientDefaultSettings, boolean saveCurrentUserSettings) Reloads user- and client-specific settings.private void
saveAllCurrentContexts
(Session session, UserData userData, ClientData clientData) private void
saveAllUserSettings
(Session session) Saves all user settings.int
saveCurrentContextAs
(Item item, String name, boolean overwrite, boolean isPublic) Same as:saveCurrentContextAs(item, null, name, overwrite, isPublic)
.int
saveCurrentContextAs
(Item item, String subContext, String name, boolean overwrite, boolean isPublic) Save the current context as a named context.private <I extends SettingData>
voidsaveSettings
(Session session, Query<I> query, Map<String, SessionControl.SettingInfo> settings, Class<I> dataClass, UserData userData, ClientData clientData) Save settings when a user logs out.void
setActiveProject
(Project project) Set the active project.(package private) void
setCurrentClient
(String externalId) void
setCurrentSubcontext
(SessionControl.MainContext main, String subcontext) Change the currently active subcontext for the item.boolean
setRoleInactive
(int roleId, boolean inactive) Set a role as active or inactive.<T> T
setSessionSetting
(String name, Object value) Set the value of a session setting.setUserClientSetting
(String name, String value) Set the value of aUserClientSetting
.setUserDefaultSetting
(String name, String value) Set the value of aUserDefaultSetting
.void
Update the time this object last was accessed.void
verifyDevice
(String code, boolean rememberDevice) Call this method to verify a device.private AuthenticatedUser
verifyUserExternal
(Session session, LoginRequest loginRequest, List<AuthenticationManager> authManagers) Verify the user with external authentication.(package private) AuthenticatedUser
verifyUserInternal
(Session session, LoginRequest loginRequest) Verify the user with internal authentication.
-
Field Details
-
log
Log core events. -
id
The id of the object. Used byApplication.getSessionControl(String,String,String,boolean)
-
client
Information about theClientData
that created this SessionControl. null = no client -
currentClient
Information about the currentClientData
that checked out this SessionControl. This is a ThreadLocal. -
remoteId
The remote IP. -
location
Location of the remote IP.- Since:
- 3.12
-
locationLoaded
private boolean locationLoaded -
dbControlCache
Holds all createdDbControl
object, so we can close them if the user logs out. We use only the keys of the map since there is noWeakHashSet
class. -
lastAccess
private long lastAccessThe time of the last access to this object. -
closed
private boolean closedIf the session control has been closed it can no longer be used. -
sessionSettings
Stores name and value of session settings.- Since:
- 3.19.3
-
clientDefaultSettings
Stores name and value fromClientDefaultSettingData
. -
loginInfo
Login information for the logged in user. -
unverifiedDeviceInfo
Temporary login information before a device is verified. -
currentContexts
Map for storing current contexts. -
currentSubcontexts
Current active subcontext names.- Since:
- 3.20
-
allowedClients
-
pluginId
private int pluginId -
pluginName
-
jobId
private int jobId -
jobName
-
-
Constructor Details
-
SessionControl
SessionControl(String id, SessionControl parent, PluginDefinition plugin, Job job) Create a new session control object using another one as the template. Permissions and settings are copied/referenced from the parent session control. If the plugin uses permissions those permissions are loaded and used for access control.- Parameters:
id
- The ID if the new session controlparent
- The parent session controlplugin
- The plugin that is executing
-
SessionControl
SessionControl(String id, String externalClientId, boolean failIfNoClient, String remoteId) throws BaseException Creates a newSessionControl
object.- Parameters:
id
- The id used inApplication.newSessionControl(String,String,String)
externalClientId
- Optional external ID of the client application in usefailIfNoClient
- If TRUE, an exception is thrown if an external client id has been specified, but not foundremoteId
- For example, the IP-address- Throws:
BaseException
-
-
Method Details
-
getLastAccess
public long getLastAccess()Get the time this object last was accessed. Used by the cleanup timer inApplication.cleanSessionControlCache(boolean)
- Returns:
- A long object.
- Since:
- 2.4.5
-
updateLastAccess
public void updateLastAccess()Update the time this object last was accessed. Used by the cleanup timer inApplication.cleanSessionControlCache(boolean)
-
isClosed
public boolean isClosed()If this session control has been closed or not. A closed session control can't be used.- Returns:
- TRUE if the session control is closed
- Since:
- 2.4.5
-
close
public void close()Close this session control so it can't be used again.- Specified by:
close
in interfaceAutoCloseable
- Since:
- 2.4.5
-
getId
Get the id of thisSessionControl
. Use this value for retrieving the object from theApplication
cache.- Returns:
- The id
- See Also:
-
getClientId
public int getClientId()Get the id of theClient
application that created this SessionControl. UseClient.getById(DbControl, int)
to get theClient
object.- Returns:
- Client id as an int or 0 if not known.
-
getCurrentClientId
public int getCurrentClientId()Get the id of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.- Returns:
- Client id as an int or 0 if not known.
- Since:
- 3.19
-
getClientName
Get the name of theClient
application that created this SessionControl.- Returns:
- The client name, or null if no client was specified
- Since:
- 3.19
-
getCurrentClientName
Get the name of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.- Returns:
- The client name, or null if no client was specified
- Since:
- 3.19
-
getExternalClientId
Get the external id of theClient
application that created this SessionControl.- Returns:
- A java.lang.String object.
- See Also:
-
getCurrentExternalClientId
Get the external id of theClient
application that checked out this SessionControl fromApplication.getSessionControl(String, String, String, boolean)
.- Returns:
- The client external id, or null if no client was specified
- Since:
- 3.19
-
setCurrentClient
-
getDeviceId
public int getDeviceId()Get the id of theUserDevice
in use. UseUserDevice.getById(DbControl, int)
to get theUserDevice
object.- Returns:
- Device id as an int, 0 if the device is unknown
- Since:
- 3.12
-
getDeviceName
Get the name of theUserDevice
in use.- Returns:
- Device name as a String, or null if the device is unknown
- Since:
- 3.19
-
getRemoteId
String getRemoteId()Get the remote id that was passed to theApplication.newSessionControl(String,String,String)
method when creating this object. This value is checked against the value passed to theApplication.getSessionControl(String,String,String,boolean)
method. -
getLocation
-
newDbControl
Create a newDbControl
object for this session.- Returns:
- A
DbControl
object - Throws:
BaseException
- If there is an error
-
newDbControl
Create a new nameDbControl
object for this session.- Parameters:
name
- The name of the transaction or null to generate a default name based on currently active plug-in/job/client etc. If the name starts with ':'getDefaultTransactionName(String)
is called with the name as the suffix.- Returns:
- A
DbControl
object - Throws:
BaseException
- If there is an error- Since:
- 3.19
-
getDefaultTransactionName
Generate a default transaction name with an optional suffix. The name is selected in the following priority order: 1. If a job is running the name of the job is used. If the job is a plug-in the name of the plug-in is also included (unless it is already part of the job name). 2. If a plug-in is running without a job, the name of the plug-in is used together with the suffix. 3. If a client is specified the name of the client is used together with the suffix. 4. The suffix is used by itself 5. The name is set to "Unknown".- Since:
- 3.19
-
login
-
login
Log in to BASE. The method checks that the given login is valid, the password is correct and that the user has USE permission for the client application if one has been specified.- Parameters:
loginRequest
- Request containing login/password and other information- Throws:
ItemNotFoundException
- If a user with the specified username is not foundInvalidPasswordException
- If the specified password is incorrectPermissionDeniedException
- If the user doesn't havePermission.USE
permission for the current client application or if a user is already logged inBaseException
- If there is any other error- Since:
- 3.3
- See Also:
-
getUnverifiedDeviceInfo
Get information about a device that is currently waiting to be verified. If this method returns a non-null value a verification has been sent to the user via email. This code should be used as a parameter when callingverifyDevice(String, boolean)
.- Returns:
- Information about the unverified device, or null if device verification is not needed
- Since:
- 3.12
-
verifyDevice
Call this method to verify a device. If device verification is not needed at this moment, an LoginException is thrown. If the verification fails the login process must be re-started from the beginning. There is no second try. If the verification is successful, the user will be logged in after this method completes.- Parameters:
code
- The verification code that was sent (by email) to the userrememberDevice
- A flag indicating if the device should be remembered. If not, the device needs to be verified again the next time it is used- Since:
- 3.12
- See Also:
-
verifyUserInternal
Verify the user with internal authentication. If the LoginRequest has a user id this is used first, otherwise the login is used. -
verifyUserExternal
private AuthenticatedUser verifyUserExternal(Session session, LoginRequest loginRequest, List<AuthenticationManager> authManagers) Verify the user with external authentication. -
loadDevice
private UserDeviceData loadDevice(Session session, LoginRequest loginRequest, AuthenticatedUser authUser) Verify the device the user is using. The verification is done if the current client application supports it and if the user has enabled device verification. If the device is found to be unverified a UnverifiedLoginInfo instance is created and returned.- Returns:
- An
UserDeviceData
object if device verification is supported and needed, null to continue with normal login - Since:
- 3.12, 3.17
-
impersonateLogin
public SessionControl impersonateLogin(int userId, String comment) throws ItemNotFoundException, PermissionDeniedException, BaseException Log in as another user or create a clone of the currently logged in user's session. If this call is successful, you will get a newSessionControl
object which is equivalent to aSessionControl
where that user logged in by normal means. This method requires that the logged in user hasPermission.ACT_AS_ANOTHER_USER
permission or that the userId is the same as the currently logged in user.- Parameters:
userId
- The id of the user to login ascomment
- A comment that will be placed in theSession
information- Returns:
- A new
SessionControl
object - Throws:
ItemNotFoundException
- If no user with the specified id existsPermissionDeniedException
- If the logged in user doesn't havePermission.ACT_AS_ANOTHER_USER
permission and the userId is a different user from the currently logged in userBaseException
- If there is another error
-
impersonateLogin
Log in as the owner of the specified item.- Parameters:
item
- Login as the owner of this Item. Null is not allowedcomment
- A comment that will be placed in theSession
information- Returns:
- A
SessionControl
for the created session. - See Also:
-
isAllowedToUseClient
Checks if this session control can be used by the given client application. It is allowed if the given id is the same as when this session control was created, or if there is a logged in user that is allowed to use the given client.- Parameters:
externalClientId
- The external id of the client to check- Returns:
- TRUE if the client can be used, FALSE if not
- Since:
- 3.9
-
getClientWithExternalId
-
createLoginInfo
private SessionControl.LoginInfo createLoginInfo(Session session, UserData userData, String comment, boolean impersonated, AuthenticationMethod authenticationMethod, int deviceId) throws BaseException Create a LoginInfo object and load all information that it needs.- Throws:
BaseException
-
logout
Log out of BASE. If the logged in user was impersonated the system will revert to the original user. If no user is logged in this method does nothing. If there are anyDbControl
objects still open, they will be closed. Changes made to items managed by thoseDbControl
objects will be lost unless the items are connected to a newDbControl
object.- Throws:
BaseException
- If there is an error- See Also:
-
isLoggedIn
public boolean isLoggedIn()Checks if a user is logged in or not.- Returns:
- TRUE if a user is logged in, FALSE otherwise.
- See Also:
-
getLoggedInUserId
public int getLoggedInUserId()Get the id of the logged in user, or 0 if no user is logged in. UseUser.getById(DbControl, int)
to get theUser
object.- Returns:
- User id as an int.
- See Also:
-
getLoggedInUserLogin
Get the login name of the currently logged in user. Returns null if no user is logged in.- Since:
- 3.15.1
- See Also:
-
getLoggedInUserName
Get the name of the currently logged in user. Returns null if no user is logged in.- Since:
- 3.15.1
- See Also:
-
getAuthenticationMethod
Get the method that was used to authenticate the currently logged in user. Internal authentication returnAuthenticationMethod.INTERNAL
.- Returns:
- An AuthenticationMethod object or null if no user is logged in
- Since:
- 3.3
-
getCurrentSessionId
public int getCurrentSessionId()Get the id of the current user session, or 0 if no user is logged in. UseSession.getById(DbControl, int)
to theSession
object.- Returns:
- The session id, or 0 if no user is logged in
- Since:
- 2.13
-
getPluginId
public int getPluginId()Get the id of the plug-in that is currently running with this session control.- Returns:
- The plug-in id, or 0 if not running by a plug-in
- Since:
- 2.13
-
getPluginName
Get the name of the plug-in that is currently running with this session control.- Returns:
- The plug-in name, or null if not running by a plug-in
- Since:
- 3.19
-
getJobId
public int getJobId()Get the id of the job that is currently running with this session control.- Returns:
- The job id, or 0 if not running by a job
- Since:
- 2.13
-
getJobName
Get the name of the job that is currently running with this session control.- Returns:
- The job name, or null if not running by a job
- Since:
- 3.19
-
isImpersonated
public boolean isImpersonated()Check if the logged in user was impersonated by another user.- Returns:
- TRUE or FALSE
- See Also:
-
reloadPermissions
public void reloadPermissions()Tell the core to reload the logged in users permission the next time the client application needs to check the permissions. -
reloadSettings
public void reloadSettings(boolean onlyClientDefaultSettings, boolean saveCurrentUserSettings) throws BaseException Reloads user- and client-specific settings.- Parameters:
onlyClientDefaultSettings
- Setting this to TRUE will only reloadClientDefaultSetting
:ssaveCurrentUserSettings
- Setting this to TRUE will save the current user-specific settings before reloading them. This parameter is ignored ifonlyClientDefaultSettings
is true. The settings are never changed if the logged in user is a multi-user account.- Throws:
BaseException
- If the settings cannot be reloaded
-
getActiveProjectId
public int getActiveProjectId()Get the id of the active project, or 0 if no project is active. UseProject.getById(DbControl, int)
to get theProject
object.- Returns:
- An int.
- See Also:
-
getActiveProjectName
Get the name of the active project, or null if no project is active.- Since:
- 3.15.1
- See Also:
-
setActiveProject
Set the active project. When a project is active queries will by default only load items shared to the that project, and newShareable
items will automatically be shared to the active project with delete permission. The active project doesn't affect already existing items.- Parameters:
project
- The project to make active- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.USE
permission for the projectBaseException
- If there is another error- See Also:
-
getActiveProjectPermissions
Get the permissions that the logged in user has in the currently active project.- Returns:
- A Set with the permissions
- Since:
- 3.1
-
getPluginSessionControl
Create a new session control for executing a plugin.- Parameters:
plugin
- The plugin to executejob
- The job that executes the plug-in, or null- Returns:
- A plugin session control
- Since:
- 2.15 (was package private before that)
-
getJobSessionControl
Create a new session control for executing a job. The new session control will inherit all settings from this session control.- Since:
- 3.3
-
getProjectKeyId
public int getProjectKeyId()Get the id of theProjectKey
that can be used to share an item to the active project with full permission, or 0 if no project is active or the logged in user only has read permission to the active project. UseProjectKey.getById(DbControl, int)
to get theProjectKey
object. -
getItemKeyId
public int getItemKeyId()Get the id of theItemKey
that new items should be shared to according to the settings in the currently active project. If no project is active or if the projects doesn't share to any item key, 0 is returned. UseItemKey.getById(DbControl, int)
to get theItemKey
object.- Since:
- 2.16
- See Also:
-
hasSystemPermission
Check if the logged in user has the specified system permission.- Parameters:
permission
- One of the system permission constants defined by thePermission
enumeration- Returns:
- TRUE if the logged in user has the permission, FALSE otherwise
-
hasPermission
Check if the logged in user has the specfied permission for all item of the specified type. This method checks the permissions given to the roles the user is a member of and, if a plugin is active, the permissions given to the plugin.- Parameters:
permission
- One of the permissions constants defined by thePermission
enumerationitemType
- One of the item constants defined by theItem
enumeration- Returns:
- TRUE if the logged in user has the permission, FALSE otherwise
-
isDenied
Check if the logged in user has been denied the specified permission for items of the specified type. This method checks the permissions given to the roles the user is a member of and, if a plugin is active, the permissions given to the plugin. Note that this method is not the inverse of thehasPermission(Permission, Item)
method. Both methods may return false in which case the system also checks ownership and sharing information to determine if access is granted. If this method return TRUE thehasPermission
method always return false.- Parameters:
permission
- One of the permissions constants defined by thePermission
enumerationitemType
- One of the item constants defined by theItem
enumeration- Returns:
- TRUE if the logged in user is denied the permission, FALSE otherwise
-
getRolePermissions
Get all role-based permissions for the specified type of items. -
getPluginPermissions
Get all plugin-specific permissions for the specified item type. -
getAllPermissions
int getAllPermissions(Item itemType, UserData owner, ItemKeyData itemKey, ProjectKeyData projectKey) Get the combined permissions for an item of the specified type, owned by the specified user and shared with the specified item and project keys. -
isMemberOf
Check if the logged in user is a member, directly or indirectly, of the specified group.- Parameters:
group
- The group to check- Returns:
- TRUE if the user is a member, FALSE otherwise
-
isMemberOf
Check if the logged in user is a member of the specified role.- Parameters:
role
- The role to check- Returns:
- TRUE if the user is a member, FALSE otherwise
-
isMemberOf
Check if the logged in user is a member, directly or indirectly, of the specified project.- Parameters:
project
- The project to check- Returns:
- TRUE if the user is a member, FALSE otherwise
-
getProjectPermission
-
isFriendOf
Check if the logged in user is a friend of of the specified user. A users is a friend if the logged in user is a member, directly or indirectly, of a group where the other user is direct member.- Parameters:
user
- The user to check- Returns:
- TRUE if the user is a friend, FALSE otherwise
-
getRoles
Deprecated.In 3.11, usegetAllRoles()
orgetActiveRoles()
insteadGet the id of all roles where the logged in user is a member. For backwards compatibility reasons this method returngetAllRoles()
.- Returns:
- A
Set
containing role id:s
-
getAllRoles
Get the id of all roles where the logged in user is a member.- Returns:
- A
Set
containing role id:s, or null - Since:
- 3.11
-
getActiveRoles
Get the id of all active roles where the logged in user is a member.- Returns:
- A
Set
containing role id:s or null - Since:
- 3.11
-
getInactiveRoles
Get the id of all inactive roles where the logged in user is a member.- Returns:
- A
Set
containing role id:s or null - Since:
- 3.11
-
isRoleInactive
public boolean isRoleInactive(int roleId) Is the given role inactive or not? Note that if the user is not a member of the given role FALSE is returned.- Parameters:
roleId
- The id of the role to check- Returns:
- TRUE if the role is inactive, FALSE if not (or if the user is not a member)
- Since:
- 3.11
-
setRoleInactive
public boolean setRoleInactive(int roleId, boolean inactive) Set a role as active or inactive.- Parameters:
roleId
- The id of the role to setinactive
- TRUE to set the role to inactive, FALSE to set it to active- Returns:
- TRUE if a change was made, FALSE if not (or if the user is not a member of the role)
- Since:
- 3.11
-
getGroups
Get the id of all groups where the logged in user is a member, directly or indirectly.- Returns:
- A
Set
containing group id:s
-
getFriends
Get the id of all friends to logged in user. A users is a friend if the logged in user is a member, directly or indirectly, of a group where the other user is direct member.- Returns:
- A
Set
containing user id:s
-
getProjects
Get the id of all projects where the logged in user is a member, directly or indirectly.- Returns:
- A
Set
containing project id:s
-
getItemKeys
Get the id of all item keys where the logged in user has read permission.- Returns:
- A
Set
containing item key id:s
-
getItemKeys
Get the id of all item keys where the logged in user has the requested permission.- Parameters:
permission
- Requested permissions.- Returns:
- A
Set
containing item key id:s
-
getProjectKeys
Get the id of all project keys where the logged in user has read permission.- Returns:
- A
Set
containing project key id:s
-
getProjectKeys
Get the id of all project keys where the logged in user has the requested permission.- Parameters:
permission
- The requested permissions- Returns:
- A
Set
containing project key id:s
-
getCurrentContext
Same as:getCurrentContext(item, null, null)
. -
getCurrentContext
Same as:getCurrentContext(item, subContext, null)
. -
getCurrentContext
Same as:getCurrentContext(item, null, defaultContext)
.- Parameters:
item
- Type of item for which current context should be returned.defaultContext
- A default context to copy values from if a new context must be created- Returns:
- A
ItemContext
object. - See Also:
-
getCurrentContext
Get the current context. If no current context exists for the item/subcontext and a user is logged in, the default context will be loaded from the database. If it doesn't exist in the database or no user is logged in a new current context will be created. If a default context is specified the settings will be copied to the new context. The current context is automatically saved in the database when the user logs out.- Parameters:
item
- The type of item to get the context forsubContext
- Subcontext or null to use the current default subcontextdefaultContext
- A default context to copy values from if a new context must be created.- Returns:
- A
ItemContext
object. - Throws:
InvalidDataException
- If the item is nullBaseException
- If there is another error- See Also:
-
getCurrentSubcontext
Get the currently active subcontext for the item.- Since:
- 3.20
-
setCurrentSubcontext
Change the currently active subcontext for the item.- Parameters:
subcontext
- A subcontext or null to remove the current subcontext- Since:
- 3.20
-
loadContext
Load a context and make it the current context. All information in the current context is lost. If a saved context with the specified ID doesn't exists, or if the logged in user does't have permission to read it, null is returned and the current context is left unchanged.- Parameters:
contextId
- The ID of the context to load- Returns:
- An
ItemContext
object or null - Throws:
NotLoggedInException
- If no user is logged inBaseException
- If there is another error- See Also:
-
loadContext
public ItemContext loadContext(int contextId, boolean copyTemporaryObjects) throws NotLoggedInException, BaseException Load a context and make it the current context, optionally copying temporary filters and objects from the current context to the loaded context. If a saved context with the specified ID doesn't exists, or if the logged in user does't have permission to read it, null is returned and the current context is left unchanged.- Parameters:
contextId
- The ID of the context to load- Returns:
- An
ItemContext
object or null - Throws:
NotLoggedInException
- If no user is logged inBaseException
- If there is another error- Since:
- 3.6
- See Also:
-
getContext
Load a context without making it the current context. If a saved context with the specified ID doesn't exists, or if the logged in user does't have permission to read it, null is returned.- Parameters:
contextId
- The ID of the context to load- Returns:
- An
ItemContext
object or null - Throws:
NotLoggedInException
- If no user is logged inBaseException
- If there is another error- See Also:
-
saveCurrentContextAs
public int saveCurrentContextAs(Item item, String name, boolean overwrite, boolean isPublic) throws PermissionDeniedException, InvalidDataException, ItemAlreadyExistsException, BaseException Same as:saveCurrentContextAs(item, null, name, overwrite, isPublic)
. -
saveCurrentContextAs
public int saveCurrentContextAs(Item item, String subContext, String name, boolean overwrite, boolean isPublic) throws PermissionDeniedException, InvalidDataException, ItemAlreadyExistsException, BaseException Save the current context as a named context. Named contexts are stored in the database and can be loaded at any time with theloadContext(int)
method. If no current context exists, this method does nothing.- Parameters:
item
- The type of item to save the current context forsubContext
- The name of the sub-contextname
- The name of the contextoverwrite
- If TRUE, an existing context with the same name is overwritten, otherwise an exception is thrownisPublic
- If the saved context should be visible to everyone or not (requiresPermission.SHARE_TO_EVERYONE
permission)- Returns:
- Saved context's id as an int.
- Throws:
PermissionDeniedException
- If no user is logged in, or if the logged in user is a multi-user account or if theisPublic
parameter is true but the logged in user doesn't haveSHARE_TO_EVERYONE
permissionInvalidDataException
- If the item or name parameter is nullItemAlreadyExistsException
- If another context with the same name exists and the overwrite parameter is FALSEBaseException
- If there is another error
-
deleteContext
Delete a context. If a saved context with the specified id doesn't exists, this method does nothing.- Parameters:
contextId
- The id of the context- Throws:
PermissionDeniedException
- If no user is logged in, or if he logged in user is a multi-user account or isn't the owner of the contextBaseException
- If there is another error- See Also:
-
getContextNames
public Enumeration<Integer,String> getContextNames(Item item) throws InvalidDataException, BaseException Same as:getContextNames(item, getCurrentSubcontext(item))
- Throws:
InvalidDataException
BaseException
- See Also:
-
getContextNames
public Enumeration<Integer,String> getContextNames(Item item, String subContext) throws InvalidDataException, BaseException Get a list with the names of all named contexts for a given item and subcontext.- Parameters:
item
- Item for which named contexts should be returnedsubContext
- Certain sub context to return contexts for, if null all contexts are returned. Use empty string for the default context- Returns:
- A enumeration containing the id and names, the list will be empty if no user is logged in or if no names contexts exists for the specified item type/subcontext
- Throws:
InvalidDataException
- If the item parameter is nullBaseException
- If there is another error
-
getNamedContexts
Get all named contexts that are owner by the logged in user.- Since:
- 3.20
-
loadContextInternal
Load a context with the specified ID. If no context with that ID exists or if the context belongs to a different client application or user and not is public null is returned.- Throws:
BaseException
-
loadContextInternal
private ItemContext loadContextInternal(Item item, String subContext, String name) throws BaseException Load a named context. Returns null if no context with the specified name exists for the specified item type/subcontext.- Throws:
BaseException
-
saveAllCurrentContexts
-
getAllCurrentContexts
Get a list with the current default contexts. The list may include, only in-memory contexts, in-database contexts, or both. If both options are enabled and an in-memory context also has a database representation, both are included in the list. Eg. the list may include more than one context wereItemContext.getContextId()
returns the same value.- Parameters:
inMemory
- If TRUE, the in-memory contexts are included in the listinDatabase
- If TRUE, the in-database contexts are included in the list- Returns:
- A list with ItemContext objects
- Since:
- 2.15
-
deleteCurrentContexts
Delete all default contexts for the logged in user.- Parameters:
itemType
- The item type to delete the contexts for, or null to delete all contextsinMemory
- TRUE to delete in-memory contextsinDatabase
- TRUE to delete in-database contexts- Returns:
- The number of contexts deleted
- Since:
- 2.8
-
getLocale
Get the locale that is curently assigned to this session control.- Returns:
- A Locale object
- Since:
- 2.16
-
getSessionSetting
Get the value of a session setting with the specified name.- Parameters:
name
- The name of the setting- Returns:
- A object with the value of the setting, or null if no setting is found
-
setSessionSetting
Set the value of a session setting.- Parameters:
name
- The name of the settingvalue
- The new value of the setting, or null to remove the setting- Returns:
- The old value of the setting, or null if it did not exist
-
getUserClientSetting
Get the value of theUserClientSetting
with the specified name. If no user is logged in null is returned.- Parameters:
name
- The name of the setting- Returns:
- A string with the value of the setting, or null if no setting is found
-
setUserClientSetting
Set the value of aUserClientSetting
.- Parameters:
name
- The name of the settingvalue
- The new value of the setting, or null to remove the setting- Returns:
- The old value of the setting, or null if it did not exist or no user is logged in
-
getUserDefaultSetting
Get the value of theUserDefaultSetting
with the specified name.- Parameters:
name
- The name of the setting- Returns:
- A string with the value of the setting, or null if no setting is found
-
setUserDefaultSetting
Set the value of aUserDefaultSetting
.- Parameters:
name
- The name of the settingvalue
- The new value of the setting, or null to remove the setting- Returns:
- The old value of the setting, or null if it did not exist or no user is logged in
-
getClientDefaultSetting
Get the value of theClientDefaultSetting
with the specified name.- Parameters:
name
- The name of the setting- Returns:
- A string with the value of the setting, or null if no setting is found
-
listToMap
Copy settings from a List to a Map. The key is the name of the setting (SettingData.getName()
) and the value is aSessionControl.SettingInfo
object. -
loadClientDefaultSettings
private Map<String,SessionControl.SettingInfo> loadClientDefaultSettings(Session session, int clientId) Load client applications default settings. -
loadUserDefaultSettings
Load users default settings. -
loadUserClientSettings
private Map<String,SessionControl.SettingInfo> loadUserClientSettings(Session session, int userId, int clientId) Load users client-specific settings. -
saveAllUserSettings
Saves all user settings. -
saveSettings
private <I extends SettingData> void saveSettings(Session session, Query<I> query, Map<String, SessionControl.SettingInfo> settings, Class<I> dataClass, UserData userData, ClientData clientData) throws BaseExceptionSave settings when a user logs out. This method will delete settings that have been deleted, update changed settings and create new settings.- Parameters:
session
- The Hibernate sessionquery
- A Hibernate query to load the settings already in the databasesettings
- The settings to savedataClass
- TheClass
of the settings, should be one ofUserDefaultSettingData
orUserClientSettingData
userData
- TheUserData
object for the logged in userclientData
- TheClientData
object for the client application- Throws:
BaseException
-
clearDbControlCache
protected void clearDbControlCache()
-
getAllRoles()
orgetActiveRoles()
instead