Forum Discussion

angela's avatar
angela
Catalyst II
7 years ago
Solved

Check if user has certain permissions in client side Method

Hi, I created a custom Action in ItemType 'Part' that calls a client Method. Only the Part Owner shall be able to run the Action. The Owner can be one person or a user group. How can I check, if the current user is in this user group and have the necessary permissions to run the Action? I tried the following AML query, but unfortunately no Result is returned: 
// check permission
var aml = "<AML><Item type = \"Part\" id=\"7FB48EA1AFAC4DA498F7AA4E531A7828\" access_type=\"can_update\" action=\"getPermissions\" ></Item></AML>";
var result = inn.applyAML(aml);
return alert(result.getResult() );
In a server side Method I can use the following code: 
string ownedById = this.getProperty("owned_by_id");
if (!CCO.Permissions.IdentityListHasId(Aras.Server.Security.Permissions.Current.IdentitiesList, ownedById))
{
  return inn.newError("Not allowed.");
}
Is something similar available for client side Methods? Thanks for your help! Angela
  • Andreas_S_'s avatar
    Andreas_S_
    7 years ago
    Hi, you can use this: 
    
function pb_isCurrUserMemberOfIdentityId(identity_to_check)
{
if (identity_to_check === "") {return false;}
var sessionIdentitites_array = top.aras.getIdentityList().split(",");
// now we have all identities the current user (session) is member of
// scan if given identity is in the list - if yes, return true
for (var i=0;i<sessionIdentitites_array.length;i++)
{
if (identity_to_check == sessionIdentitites_array) {return true;}
}
return false;
};
     

7 Replies

  • Andreas_S_'s avatar
    Andreas_S_
    Ideator III
    7 years ago
    Hi, you can use this: 
    
function pb_isCurrUserMemberOfIdentityId(identity_to_check)
{
if (identity_to_check === "") {return false;}
var sessionIdentitites_array = top.aras.getIdentityList().split(",");
// now we have all identities the current user (session) is member of
// scan if given identity is in the list - if yes, return true
for (var i=0;i<sessionIdentitites_array.length;i++)
{
if (identity_to_check == sessionIdentitites_array) {return true;}
}
return false;
};
     
  • angela's avatar
    angela
    Catalyst II
    7 years ago
    Hi, this is very nice solution, it works excellent! Thanks for your quick help! Angela
  • kaftab1's avatar
    kaftab1
    Creator I
    1 year ago

    Hi Angela,

    I know this is very old, but you probably know the answer to this question. Can I ask you how you came to find this method (Aras.Server.Security.Permissions.Current.IdentitiesList)? Is there documentation somewhere that lists this? Or was it something you picked from some other code?

    Thank you,

    Kamran

    • angela's avatar
      angela
      Catalyst II
      1 year ago

      I assume this function is part of the Aras.Server.Security.Permissions class in the Aras.Server.Core.dll (?). At least in I12. I don´t know if there is an official API reference guide available. In theory you could analyse the DLL but this probably would void the terms-of-use. And the function names are not very useful anyway without proper samples.

      In this this specific case I either found it in this forum or somewhere in the OOTB Innovator code years ago. The PE application uses it. In general the PE code contains a lot of useful and less known stuff to reuse. 

      But also the forum mentioned it:  link 

      In I14 the code has changed to: CCO.Permissions.IdentitiesList

      • kaftab1's avatar
        kaftab1
        Creator I
        1 year ago

        Thanks for your response. I wonder why they don't publish the API documentation. That would be so helpful.