
Checking Permissions

Context

Use this procedure to build a permission check into your application.

There are two methods for checking permissions:

  • checkPermission()

    This method throws AccessControlException when the permission check fails. The method also writes the result of the check to the security audit log, depending on the configuration of the security audit log. By default, the security audit log only records failed checks, in other words access violations.

    Use this method to enforce that the user has the permission before performing a specific task and where it is important to log access violations.

  • hasPermission()

    This method returns true or false depending on whether the check succeeds. It is comparable to the isUserInRole() and isCallerInRole() methods of the Java EE standard. The difference is that the hasPermission() method can check a value in addition to a permission name.

    Use this method to make decisions based on permissions, such as showing and hiding user interface elements or simple checks that do not require an entry in the security audit log.

More Information

SAP Help Portal: Security Audit Log of the AS Java.

Procedure

  1. Use the IUser interface to get the current user.
  2. Use the appropriate method to check if the user has the required permission.
  3. Handle the result of the permission check.
    Example

    Show the user an access denied message or hide screen elements.

Example

The following example shows a Web Dynpro user interface element only if the current user has a permission named ExamplePermission.

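  //@@begin javadoc:getCheck_visibility
  /**
   * Declared getter method for attribute check_visibility of node Context.
   *
   * @param element the element requested for the value
   * @return the calculated value for attribute check_visibility
   */
  //@@end
  public com.sap.tc.webdynpro.progmodel.api.WDVisibility getCheck_visibility(IPrivateAuthorizationtestCompView.IContextElement element)
  {
    //@@begin getCheck_visibility
    // Step 1: get the current user through the IUser interface.
    com.sap.security.api.IUser user;
    try {
      user = com.sap.tc.webdynpro.services.sal.um.api.WDClientUser.getCurrentUser().getSAPUser();
    } catch (com.sap.tc.webdynpro.services.sal.um.api.WDUMException e) {
      // The user cannot be determined: keep the element hidden.
      return com.sap.tc.webdynpro.progmodel.api.WDVisibility.NONE;
    }
    // Step 2: check the permission. Assumption: ExamplePermission is defined as
    // a UME NamePermission; use the permission class your application defines.
    boolean hasPermission = user != null && user.hasPermission(
        new com.sap.security.api.permissions.NamePermission("ExamplePermission"));

    // Step 3: show the element only if the check succeeded.
    if (hasPermission)
        return com.sap.tc.webdynpro.progmodel.api.WDVisibility.VISIBLE;
    else
        return com.sap.tc.webdynpro.progmodel.api.WDVisibility.NONE;
    //@@end
  }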
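
The visibility getter above only decides what the user sees. The task behind the element still needs the enforcing check described under checkPermission(). The following is an added example, not SAP's code: the class GuardedTask, the method runGuarded() and the enum Result are hypothetical names, the caller supplies the permission object, and the code assumes it runs on AS Java with the UME API (com.sap.security.api) on the class path.

```java
import java.security.AccessControlException;
import java.security.Permission;

import com.sap.security.api.IUser;
import com.sap.security.api.UMFactory;

/** Hypothetical helper: enforce a permission before running a sensitive task. */
public class GuardedTask {

  /** Outcome handed back to the caller so it can show an access denied message. */
  public enum Result { DONE, DENIED }

  /**
   * Runs the task only if the logged-in user holds the required permission.
   * checkPermission() is used rather than hasPermission() so that a failed
   * check is blocked and, depending on the security audit log configuration,
   * recorded as an access violation.
   */
  public static Result runGuarded(Permission required, Runnable task) {
    IUser user = UMFactory.getAuthenticator().getLoggedInUser();
    if (user == null) {
      // Defensive: no authenticated user means no task. Fail closed.
      return Result.DENIED;
    }
    try {
      user.checkPermission(required);
    } catch (AccessControlException e) {
      // The check failed. Return a neutral result instead of passing the
      // exception text, which may name the permission, on to the client.
      return Result.DENIED;
    }
    // Reached only after a successful check.
    task.run();
    return Result.DONE;
  }
}
```

Pass the same permission object to runGuarded() that the visibility getter checks with hasPermission(), so that hiding the element and enforcing the task cannot drift apart.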