Way to check a users role

Way to check a users role

  
Is there a way to check if a user has a role granted based on the name of the role ?

Not using CheckRole<xyz>( sessionUser ) because I don;t know up front which role it is.
So basically a function HasRole( roleName, sessionUser )

I want to use this in a menu system to authorize people for certain menu options.
And want to be able to change the role with a maintenance page
And another replated one ... is there a way to grant a role based on a name ...
GrantRole( SessionUser, roleName )
Hi Joop,

I think you have to create a function yourself to achive that. This function will need the Role name, userid and espaceid.
Another option is to share the roles of all espaces and inherit them in the menu system eSpace (asuming the menu system will be created in OutSystems)

Will you join BitsandBijt this afternoon? I will give a presentation about Active Directory integration which includes revoking and granding roles runtime.




Rene Sundermeijer wrote:
Hi Joop,

I think you have to create a function yourself to achive that. This function will need the Role name, userid and espaceid.
Another option is to share the roles of all espaces and inherit them in the menu system eSpace (asuming the menu system will be created in OutSystems)

Will you join BitsandBijt this afternoon? I will give a presentation about Active Directory integration which includes revoking and granding roles runtime.



 
 Hi Rene,

Interested in your function :-)

We already share all roles of all apps in one eSpace and use a homebrew menu (UL/LI construction)... AND we don't use the (system)users
So we're granting roles on the fly ...

No I'm not there :-(
 
Joop -

Query the Roles entity by name, joined to Espace entity (use the GetOwnerEspaceId() or something like that to get the local eSpace ID), joined to the UserRole entity, filtered by ID.

J.Ja
Justin James wrote:
Joop -

Query the Roles entity by name, joined to Espace entity (use the GetOwnerEspaceId() or something like that to get the local eSpace ID), joined to the UserRole entity, filtered by ID.

J.Ja
 
 Justin,

We do NOT use the users table so the UserRole table is empty :-)
It is all coming from an external system ... and no it's not active directory or LDAP ... so it's really back to basic :-)

Joop
Hi Joop,

In that case it hard to say how you can achieve what you want without knowing how your User Role datastructure is put together.

We extended the OutSystems User and Role table so we are using the 'default' OutSystems setup.

I think that when you want to grand and revoke roles with your own logic you need the User_Role table, because OutSystems needs this table to check if a user has roles.

René


Hi Rene,

It's very simple .... we don't use the (system)user table ... but DO use the roles for authorization of webscreens etc....
Our authentication and functional authorization is in an external (CA-GEN) system 
Now we need to map that functional stuff to the roles in outsystems ...
We probably end up with some replication of data in outsystems

:-)
If you're not using the Agile Platform's user system, then you're probably granting the roles temporarily for that session.

Why not have a table where you keep the associations between roles and your users and query it to know which roles you granted to each user?
Do the CheckRole actions that come from a given role work across tenants? Or would I need to do a query on the User_Role table, join with Role, etc. to find if a user has a given role in another tenant?

My scenario is a timer is performing these role checks so I want to make sure that the check is performed across all tenants and not just the current tenant context since the timer is not multi-tenant.
Brian -

It *should* as long as the user is exposed as multi-tenant. I'd do a quick test to be certain.

J.Ja