Package ch.ivyteam.ivy.security

Interface ISession

    • Method Detail

      • getIdentifier

        int getIdentifier()
        Returns the session identifier
        Returns:
        session identifier
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • isSessionUserUnknown

        boolean isSessionUserUnknown()
        Is Session user a unknown user
        Returns:
        true if session user is unknown
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility NOVICE.

      • isSessionUserSystemUser

        boolean isSessionUserSystemUser()
        Returns true if the current session user is the System User.
        Returns:
        true if the current session user is the System User.
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • getSessionUser

        IUser getSessionUser()
        Returns the session user
        Returns:
        session user or null if session user is unknown
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility NOVICE.

      • assignRole

        void assignRole​(IRole role)
        Assigns a role to the session.
        Parameters:
        role - The role to assign
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.
        Security:
        SESSION MATCHES THIS OR OWNS SessionAssignRole PERMISSION OR OWNS SessionAssignRole@SYSTEM PERMISSION

      • checkPassword

        boolean checkPassword​(String password)
        Verifies the current user's password. This method will only work if the session user is a wellknown user since unknown users don't have a password
        Parameters:
        password - The password to be checked
        Returns:
        true if the specified password is correct for the currently logged on user, false otherwise
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • loginSessionUser

        boolean loginSessionUser​(String userName,
                         String password)
        Logs in the session user if authentication is successful.

        In case of success the user is assigned to the session. Which means the session user changes from unknown to a wellknown user. If there is already a user authenticated within the session, then the old user is logged out after successful authentication of the new user (unless it is the same user, in which case no logout is performed).

        See logoutSessionUser for a description what happens during logout. When the logout is performed, all running tasks of this session are reset, except the current running one.

        If authentication is not not successful, the method will return false

        Parameters:
        userName - The name of the user
        password - The password of the user
        Returns:
        true if login was successful, false otherwise
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • logoutSessionUser

        void logoutSessionUser()
        Logs the session user out of this session. The session user is afterwards unknown. All task which the user has resumed so far are reset, except the current running one. To login a session user use the method authenticateSessionUser
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • getSecurityContext

        ISecurityContext getSecurityContext()
        Gets the security context
        Returns:
        security context
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • isAbsent

        boolean isAbsent()
        Is the session user currently absent
        Returns:
        true if it is absent, otherwise false
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadAbsent PERMISSION OR OWNS SessionReadAbsent@SYSTEM PERMISSION

      • hasActiveSubstitutions

        boolean hasActiveSubstitutions()
        Returns true if this session is an active substitution for other users (at least one). Active means the substituted user(s) is (are) absent, so that this session acts as substitute for that (those) users.
        Returns:
        true if session is an active subsitution, otherwise false.
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadActiveSubstitutions PERMISSION OR OWNS SessionReadActiveSubstitutions@SYSTEM PERMISSION

      • getActiveSubstitutions

        List<IUserSubstitute> getActiveSubstitutions()
        Gets the active substitutions
        Returns:
        DataSet with the active substitutions
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadActiveSubstitutions PERMISSION OR OWNS SessionReadActiveSubstitutions@SYSTEM PERMISSION

      • getClusterNode

        String getClusterNode()
        Gets the cluster node the session is running (task state RESUMED) on
        Returns:
        the name of the cluster node the session is running (task state RESUMED) on
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • isMemberThroughActiveSubstitution

        boolean isMemberThroughActiveSubstitution​(String securityMemberName)
        Returns true if the current user is member of the security member name because of active substitution that substitutes him as the security member. If the security mamber is a role that the current user owns for himself or is himself the method return false.
        Parameters:
        securityMemberName - the security mamaber name
        Returns:
        true if he is a member of an active substitution, otherwise false.
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadIsMemberThroughActiveSubstitution PERMISSION OR OWNS SessionReadIsMemberThroughActiveSubstitution@SYSTEM PERMISSION

      • isMemberThroughActiveSubstitution

        boolean isMemberThroughActiveSubstitution​(ISecurityMember securityMember)
        Returns true if the current user is member of the security member because of active substitution that substitutes him as the security member. If the security mamber is a role that the current user owns for himself or is himself the method return false.
        Parameters:
        securityMember - the security mamaber
        Returns:
        true if he is a member of an active substitution, otherwise false.
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadIsMemberThroughActiveSubstitution PERMISSION OR OWNS SessionReadIsMemberThroughActiveSubstitution@SYSTEM PERMISSION

      • getMySessions

        List<ISession> getMySessions()
        Gets all other session where the current session user is also logged in. Sessions from other cluster nodes are NOT contained in the result
        Returns:
        DataSet with my sessions
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadAllMySessions PERMISSION OR OWNS SessionReadAllMySessions@SYSTEM PERMISSION

      • hasMoreThanOneSession

        boolean hasMoreThanOneSession()
        Returns true if the session user is logged into more than one session. This method does NOT consider sessions on other cluster nodes
        Returns:
        true if user is logged into more than one session, otherwise false
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.
        Security:
        SESSION MATCHES THIS OR OWNS SessionReadAllMySessions PERMISSION OR OWNS SessionReadAllMySessions@SYSTEM PERMISSION

      • hasPermission

        boolean hasPermission​(ISecurityDescriptor securityDescriptor,
                      IPermission permission)
        Checks if the current session has a certain permission on the security descriptor
        Parameters:
        securityDescriptor - the security descriptor to check for the permission
        permission - the identifier of the permission to check
        Returns:
        true if sesion has permission, otherwise false
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • checkPermission

        void checkPermission​(ISecurityDescriptor securityDescriptor,
                     IPermission permission)
        Checks if the current session has a certain permission on the security descriptor
        Parameters:
        securityDescriptor - the security descriptor to check for the permission
        permission - the permission to check
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • getSessionUserName

        String getSessionUserName()
        Gets the user name of the session user or if the session user is unknown returns "Unknown User (Session ###)" where ### stands for the session identifier
        Returns:
        session user name
        Throws:
        PersistencyException - if persistency access fails
        API:
        This public API is available in IvyScript and Java. It has the visibility NOVICE.

      • setContentLocale

        void setContentLocale​(Locale contentLocale)
        Sets the locale (language and country) to use for the look up of content objects from the CMS. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
        Parameters:
        contentLocale - the language and country to use for the look up of content objects from the CMS, or null to reset the setting.
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • setContentLocale

        void setContentLocale​(String language,
                      String country)
        Sets the locale (language and country) to use for the look up of content objects from the CMS. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS. Construct a locale from language, country. NOTE: ISO 639 is not a stable standard; some of the language codes it defines (specifically iw, ji, and in) have changed. This constructor accepts both the old codes (iw, ji, and in) and the new codes (he, yi, and id), but all other API on Locale will return only the OLD codes.
        Parameters:
        language - two-letter ISO-639-1 code
        country - two-letter ISO-3166 code
        Throws:
        NullPointerException - thrown if either argument is null
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • getContentLocale

        Locale getContentLocale()
        Returns the current language and country to use for the look up of content objects from the CMS. If no user settings are made by calling the setContentLocale(...) method, then the ivy Engine uses the client browser and client OS settings to evaluate the current locale.
        Returns:
        the current locale to use for the look up of content objects from the CMS.
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • setFormattingLocale

        void setFormattingLocale​(Locale formattingLocale)
        Sets the locale (language and country) to use for the formatting of Date, Time and Numbers. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
        Parameters:
        formattingLocale - the language and country to use for the formatting of Date, Time and Numbers, or null to reset the setting.
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • setFormattingLocale

        void setFormattingLocale​(String language,
                         String country)
        Sets the locale (language and country) to use for the formatting of Date, Time and Numbers. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
        Parameters:
        language - two-letter ISO-639-1 code
        country - two-letter ISO-3166 code
        Throws:
        NullPointerException - thrown if either argument is null
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • getFormattingLocale

        Locale getFormattingLocale()
        Returns the current language and country to use for the formatting of Date, Time and Numbers. If no user settings are made by calling the setFormattingLocale(...) method, then the ivy Engine uses the client browser and client OS settings to evaluate the current locale.
        Returns:
        the current locale to use for the formatting of Date, Time and Numbers.
        API:
        This public API is available in IvyScript and Java. It has the visibility ADVANCED.

      • setActiveEnvironment

        void setActiveEnvironment​(String name)
        Sets the name of the environment on this session.
        This will override the environment settings defined on the application. The setting could be overriden by setting the environment on the ICase.setActiveEnvironment(String). For detailed description of the environment evaluation see IApplication.getActualEnvironment().
        Parameters:
        name - name of the environment. Use null or an empty string to set none
        Throws:
        PersistencyException - If persistency access fails
        NoSuchElementException - If the environment does not exist
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.

      • getActiveEnvironment

        String getActiveEnvironment()
        Returns:
        The name of the environment which is set on the session or null if none is set.
        API:
        This public API is available in IvyScript and Java. It has the visibility EXPERT.