Package com.sap.cds.services.request
Interface UserInfo
- All Known Subinterfaces:
ModifiableUserInfo
public interface UserInfo
Interface to fetch user and authorization information.
The current user refers to the authenticated user for whom the request context has been opened. All user information like ids, names, roles, tenant and user attributes are assumed to be verified, i.e. they are secured by adequate means like JWT verification.
-
Method Summary
Modifier and TypeMethodDescriptiondefault <T extends UserInfo>
TProvides type-safe access toUserInfo
and additional attributes.default ModifiableUserInfo
copy()
Creates aModifiableUserInfo
based on thisUserInfo
.static ModifiableUserInfo
create()
Creates aModifiableUserInfo
based on default values of a clearUserInfo
.default Object
getAdditionalAttribute
(String name) Returns additional attribute with given name if existing.Returns all additional attributes asMap
.Returns all user attributes as aMap
.getAttributeValues
(String attribute) Returns aList
of values of the specified attribute as presented in the request.default String
getId()
Returns the verified user id of the request's authenticated user.getName()
Returns the verified user name of the request's authenticated user.getRoles()
Returns theList
of granted user roles.default String
Returns the verified tenant of the request's authenticated user.Deprecated.default boolean
Checks if the current user is associated with the specified user role.boolean
Returnstrue
ifUserInfo
is filled with data of an authenticated user.default boolean
Returnstrue
if the user is the internal user.default boolean
Returnstrue
ifUserInfo
is a privileged user, i.e.default boolean
Returnstrue
if the user is a system user and not a named user.default boolean
isUnrestrictedAttribute
(String attribute) Deprecated.
-
Method Details
-
create
Creates aModifiableUserInfo
based on default values of a clearUserInfo
.- Returns:
- The created
ModifiableUserInfo
instance.
-
getId
Returns the verified user id of the request's authenticated user.- Returns:
- The user id.
-
getName
String getName()Returns the verified user name of the request's authenticated user.- Returns:
- The user name.
-
getTenant
Returns the verified tenant of the request's authenticated user.- Returns:
- The tenant of the user.
-
isSystemUser
default boolean isSystemUser()Returnstrue
if the user is a system user and not a named user.- Returns:
true
if the user is a system user and not a named user.
-
isInternalUser
default boolean isInternalUser()Returnstrue
if the user is the internal user.- Returns:
true
if the user is the internal user.
-
isAuthenticated
boolean isAuthenticated()Returnstrue
ifUserInfo
is filled with data of an authenticated user.- Returns:
true
ifUserInfo
is filled with data of an authenticated user.
-
isPrivileged
default boolean isPrivileged()Returnstrue
ifUserInfo
is a privileged user, i.e. passes all authorization checks. Privileged users can only be used internally.- Returns:
true
ifUserInfo
is a privileged user.
-
hasRole
Checks if the current user is associated with the specified user role.- Parameters:
role
- The name of the role.- Returns:
true
if role is present,false
otherwise.
-
getRoles
Returns theList
of granted user roles.- Returns:
- the
List
of roles.
-
getAttributeValues
Returns aList
of values of the specified attribute as presented in the request.- Parameters:
attribute
- The name of the attribute.- Returns:
- The value of the attribute or an empty list if no values are present.
-
getAttributes
Returns all user attributes as aMap
.- Returns:
- The user attributes.
-
isUnrestrictedAttribute
Deprecated.Returnstrue
if the passed attribute is unrestricted, i.e. the current user has no restrictions with respect to this attribute.- Parameters:
attribute
- The name of the attribute.- Returns:
true
if unrestricted,false
otherwise.
-
getUnrestrictedAttributes
Deprecated.Returns theSet
of unrestricted attributes of the user.- Returns:
- the
Set
of unrestricted attributes.
-
getAdditionalAttribute
Returns additional attribute with given name if existing.- Parameters:
name
- The name of the attribute.- Returns:
- The attribute value as
Object
.
-
getAdditionalAttributes
Returns all additional attributes asMap
.- Returns:
- The additional attributes,
-
as
Provides type-safe access toUserInfo
and additional attributes. Creates a concrete proxy instance implementingUserInfo
and a sub interfaceconcreteUserInfoClazz
which has a concrete API for the additional attributes according to the chosen authentication.Example:
XsuaaUserInfo xsuaaUser = eventContext.getUserInfo().as(XsuaaUserInfo.class);
- Type Parameters:
T
- the type of the concreteUserInfo
interface.- Parameters:
concreteUserInfoClazz
- The sub interface providing the concrete API of additional attributes.- Returns:
- A concrete proxy instance implementing
UserInfo
andconcreteUserInfoClazz
.
-
copy
Creates aModifiableUserInfo
based on thisUserInfo
.- Returns:
- The created
ModifiableUserInfo
instance.
-