Skip to Content (Press Enter)
OutSystems.com
Personal Edition
Community
Support
Training
Training
Online Training
Developer Schools
Boot Camps
Certifications
Tech Talks
Documentation
Documentation
Overview
ODC
O11
Forums
Forge
Get Involved
Get Involved
Jobs
Ideas
Members
Mentorship
User Groups
Platform
Platform
ODC
O11
Search in OutSystems
Log in
Get Started
Back to Forums
Joop Stringer
891
Views
10
Comments
Way to check a users role
Question
Is there a way to check if a user has a role granted based on the name of the role ?
Not using CheckRole<xyz>( sessionUser ) because I don;t know up front which role it is.
So basically a function HasRole( roleName, sessionUser )
I want to use this in a menu system to authorize people for certain menu options.
And want to be able to change the role with a maintenance page
Joop Stringer
And another replated one ... is there a way to grant a role based on a name ...
GrantRole( SessionUser, roleName )
René Sundermeijer
Hi Joop,
I think you have to create a function yourself to achive that. This function will need the Role name, userid and espaceid.
Another option is to share the roles of all espaces and inherit them in the menu system eSpace (asuming the menu system will be created in OutSystems)
Will you join BitsandBijt this afternoon? I will give a presentation about Active Directory integration which includes revoking and granding roles runtime.
1 reply
12 Dec 2012
Show thread
Hide thread
Joop Stringer
Rene Sundermeijer wrote
:
Hi Joop,
I think you have to create a function yourself to achive that. This function will need the Role name, userid and espaceid.
Another option is to share the roles of all espaces and inherit them in the menu system eSpace (asuming the menu system will be created in OutSystems)
Will you join BitsandBijt this afternoon? I will give a presentation about Active Directory integration which includes revoking and granding roles runtime.
Hi Rene,
Interested in your function :-)
We already share all roles of all apps in one eSpace and use a homebrew menu (UL/LI construction)... AND we don't use the (system)users
So we're granting roles on the fly ...
No I'm not there :-(
Justin James
Â
MVP
Joop -
Query the Roles entity by name, joined to Espace entity (use the GetOwnerEspaceId() or something like that to get the local eSpace ID), joined to the UserRole entity, filtered by ID.
J.Ja
Joop Stringer
Justin James wrote
:
Joop -
Query the Roles entity by name, joined to Espace entity (use the GetOwnerEspaceId() or something like that to get the local eSpace ID), joined to the UserRole entity, filtered by ID.
J.Ja
Justin,
We do
NOT
use the users table so the UserRole table is empty :-)
It is all coming from an external system ... and no it's not active directory or LDAP ... so it's really back to basic :-)
Joop
René Sundermeijer
Hi Joop,
In that case it hard to say how you can achieve what you want without knowing how your User Role datastructure is put together.
We extended the OutSystems User and Role table so we are using the 'default' OutSystems setup.
I think that when you want to grand and revoke roles with your own logic you need the User_Role table, because OutSystems needs this table to check if a user has roles.
René
Joop Stringer
Hi Rene,
It's very simple .... we don't use the (system)user table ... but DO use the roles for authorization of webscreens etc....
Our authentication and functional authorization is in an external (CA-GEN) system
Now we need to map that functional stuff to the roles in outsystems ...
We probably end up with some replication of data in outsystems
:-)
Ricardo Silva
If you're not using the Agile Platform's user system, then you're probably granting the roles temporarily for that session.
Why not have a table where you keep the associations between roles and your users and query it to know which roles you granted to each user?
Brian Gall
Do the CheckRole actions that come from a given role work across tenants? Or would I need to do a query on the User_Role table, join with Role, etc. to find if a user has a given role in another tenant?
My scenario is a timer is performing these role checks so I want to make sure that the check is performed across all tenants and not just the current tenant context since the timer is not multi-tenant.
Justin James
Â
MVP
Brian -
It *should* as long as the user is exposed as multi-tenant. I'd do a quick test to be certain.
J.Ja
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting.
See the full guidelines
 Loading...