public class UserSession
extends java.lang.Object
implements java.io.Serializable
It contains user attributes, credentials, set of permissions, and methods to check permissions for certain objects.
On the client side a descendant of this class is maintained:
com.haulmont.cuba.client.ClientUserSession
Modifier and Type | Field and Description |
---|---|
protected ConstraintsContainer |
accessConstraints |
protected java.lang.String |
address |
protected java.util.Map<java.lang.String,java.io.Serializable> |
attributes |
protected java.lang.String |
clientInfo |
protected java.util.UUID |
id |
protected RoleDefinition |
joinedRole |
protected java.util.Map<java.lang.String,java.lang.Object> |
localAttributes |
protected java.util.Locale |
locale |
protected Access |
permissionUndefinedAccessPolicy |
protected java.util.List<java.lang.String> |
roles |
protected User |
substitutedUser |
protected boolean |
system |
protected java.util.TimeZone |
timeZone |
protected User |
user |
Constructor and Description |
---|
UserSession()
INTERNAL
Used only for kryo serialization
|
UserSession(UserSession src)
INTERNAL
|
UserSession(UserSession src,
User user,
java.util.Collection<RoleDefinition> roles,
java.util.Locale locale)
INTERNAL
|
UserSession(java.util.UUID id,
User user,
java.util.Collection<RoleDefinition> roles,
java.util.Locale locale,
boolean system)
INTERNAL
|
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getAddress()
Client IP-address
|
<T> T |
getAttribute(java.lang.String name)
Get user session attribute.
|
java.util.Collection<java.lang.String> |
getAttributeNames()
User session attribute names.
|
java.lang.String |
getClientInfo()
Client application info
|
ConstraintsContainer |
getConstraints()
Returns a set of access constraints.
|
User |
getCurrentOrSubstitutedUser()
Returns substituted user if it is not null, logged-in user otherwise.
|
java.util.UUID |
getId()
Session ID
|
RoleDefinition |
getJoinedRole()
Returns an instance of
RoleDefinition interface. |
<T> T |
getLocalAttribute(java.lang.String name)
Get local attribute.
|
java.util.Collection<java.lang.String> |
getLocalAttributeNames()
Local attribute names.
|
java.util.Locale |
getLocale()
User locale
|
java.util.Map<java.lang.String,java.lang.Integer> |
getPermissionsByType(PermissionType type)
Get permissions by type
|
Access |
getPermissionUndefinedAccessPolicy() |
java.lang.Integer |
getPermissionValue(PermissionType type,
java.lang.String target)
INTERNAL
|
java.util.Collection<java.lang.String> |
getRoles()
User role names
|
User |
getSubstitutedUser()
Substituted user.
|
java.util.TimeZone |
getTimeZone()
User time zone.
|
User |
getUser()
Logged-in user
|
boolean |
isEntityAttrPermitted(MetaClass metaClass,
java.lang.String property,
EntityAttrAccess access)
Check user permission for the entity attribute
|
boolean |
isEntityOpPermitted(MetaClass metaClass,
EntityOp entityOp)
Check user permission for the entity operation
|
boolean |
isPermitted(PermissionType type,
java.lang.String target)
Check user permission.
|
boolean |
isPermitted(PermissionType type,
java.lang.String target,
int value)
Check user permission for the specified value.
|
boolean |
isScreenPermitted(java.lang.String windowAlias)
Check user permission for the screen
|
boolean |
isSpecificPermitted(java.lang.String name)
Check specific user permission
|
boolean |
isSystem()
System session is created by
LoginWorker.loginSystem() for system users like schedulers and JMX. |
void |
removeAttribute(java.lang.String name)
Remove user session attribute.
|
void |
removeLocalAttribute(java.lang.String name)
Remove local attribute.
|
void |
setAddress(java.lang.String address)
INTERNAL
|
void |
setAttribute(java.lang.String name,
java.io.Serializable value)
Set user session attribute.
|
void |
setClientInfo(java.lang.String clientInfo)
INTERNAL
|
void |
setConstraints(ConstraintsContainer constraints)
Applies access constraints to the UserSession.
|
void |
setJoinedRole(RoleDefinition joinedRole)
Sets
joinedRole to the UserSession. |
void |
setLocalAttribute(java.lang.String name,
java.lang.Object value)
Set local attribute.
|
java.lang.Object |
setLocalAttributeIfAbsent(java.lang.String name,
java.lang.Object value)
Set local attribute.
|
void |
setLocale(java.util.Locale locale)
INTERNAL
|
void |
setPermissionUndefinedAccessPolicy(Access permissionUndefinedAccessPolicy)
INTERNAL
Sets the policy to resolve undefined permission values.
|
void |
setSubstitutedUser(User substitutedUser)
INTERNAL
|
void |
setTimeZone(java.util.TimeZone timeZone)
INTERNAL
|
void |
setUser(User user)
INTERNAL
|
java.lang.String |
toString() |
protected java.util.UUID id
protected User user
protected User substitutedUser
protected java.util.List<java.lang.String> roles
protected java.util.Locale locale
protected java.util.TimeZone timeZone
protected java.lang.String address
protected java.lang.String clientInfo
protected boolean system
protected RoleDefinition joinedRole
protected Access permissionUndefinedAccessPolicy
protected ConstraintsContainer accessConstraints
protected java.util.Map<java.lang.String,java.io.Serializable> attributes
protected transient java.util.Map<java.lang.String,java.lang.Object> localAttributes
public UserSession()
public UserSession(java.util.UUID id, User user, java.util.Collection<RoleDefinition> roles, java.util.Locale locale, boolean system)
public UserSession(UserSession src, User user, java.util.Collection<RoleDefinition> roles, java.util.Locale locale)
public UserSession(UserSession src)
public java.util.UUID getId()
public User getUser()
public void setUser(User user)
public User getSubstitutedUser()
public void setSubstitutedUser(User substitutedUser)
public User getCurrentOrSubstitutedUser()
public java.util.Collection<java.lang.String> getRoles()
public java.util.Locale getLocale()
public void setLocale(java.util.Locale locale)
@Nullable public java.util.TimeZone getTimeZone()
public void setTimeZone(java.util.TimeZone timeZone)
public java.lang.String getAddress()
public void setAddress(java.lang.String address)
public java.lang.String getClientInfo()
public void setClientInfo(java.lang.String clientInfo)
public java.lang.Integer getPermissionValue(PermissionType type, java.lang.String target)
public java.util.Map<java.lang.String,java.lang.Integer> getPermissionsByType(PermissionType type)
public boolean isScreenPermitted(java.lang.String windowAlias)
public boolean isEntityOpPermitted(MetaClass metaClass, EntityOp entityOp)
public boolean isEntityAttrPermitted(MetaClass metaClass, java.lang.String property, EntityAttrAccess access)
public boolean isSpecificPermitted(java.lang.String name)
public boolean isPermitted(PermissionType type, java.lang.String target)
isPermitted(com.haulmont.cuba.security.entity.PermissionType, String, int)
with value=1
type
- permission typetarget
- permission target:public boolean isPermitted(PermissionType type, java.lang.String target, int value)
type
- permission typetarget
- permission target:value
- method returns true if the corresponding Permission
record contains value equal or greater than specified@Nullable public <T> T getAttribute(java.lang.String name)
name
- attribute name. The following names have predefined values:
public void removeAttribute(java.lang.String name)
name
- attribute namepublic void setAttribute(java.lang.String name, java.io.Serializable value)
name
- attribute namevalue
- attribute valuepublic java.util.Collection<java.lang.String> getAttributeNames()
@Nullable public <T> T getLocalAttribute(java.lang.String name)
name
- attribute namepublic void removeLocalAttribute(java.lang.String name)
name
- attribute namepublic void setLocalAttribute(java.lang.String name, java.lang.Object value)
name
- attribute namevalue
- attribute valuepublic java.lang.Object setLocalAttributeIfAbsent(java.lang.String name, java.lang.Object value)
name
- attribute namevalue
- attribute valuenull
if there was no mapping for the key.
(A null
return can also indicate that the map
previously associated null
with the key,
if the implementation supports null values.)public java.util.Collection<java.lang.String> getLocalAttributeNames()
public boolean isSystem()
LoginWorker.loginSystem()
for system users like schedulers and JMX.
It is not replicated in cluster.
public RoleDefinition getJoinedRole()
RoleDefinition
interface. It can be used to retrieve information about user permissions.
If you need to modify user permissions, use RoleDefBuilder
to construct a suitable role and then
apply it using setJoinedRole(com.haulmont.cuba.security.role.RoleDefinition)
method.
public void setJoinedRole(RoleDefinition joinedRole)
joinedRole
to the UserSession. After that user will only have permissions defined in the specified role.
Use RoleDefinitionBuilder
to construct a suitable role.
public ConstraintsContainer getConstraints()
AccessConstraintsBuilder
to construct a new set of constraints and then
apply it using setConstraints(ConstraintsContainer)
method.public void setConstraints(ConstraintsContainer constraints)
Use AccessConstraintsBuilder
to construct a new set of constraints.
public Access getPermissionUndefinedAccessPolicy()
public void setPermissionUndefinedAccessPolicy(Access permissionUndefinedAccessPolicy)
ServerConfig#getDefaultPermissionValuesConfigEnabled
public java.lang.String toString()
toString
in class java.lang.Object