cancel
Showing results for 
Search instead for 
Did you mean: 

check if user has particular role access in Java iView

Former Member
0 Kudos
160

Hello,

I have a link to a portal page as follows.

http://abc.com/SAPPortal/?NavigationTarget=/roles/PODemoRole/PODemo/PODemo_MSPlanIDDisplay?code=1

Now certain users have access to this page and certain users don’t. Within the portal this is not a problem cause, the page will not be displayed if the user does not have access to it. However if the same user who does not have access to this page clicks the above link externally to the portal, the page gets displayed. So it seems like the role check is not being done in this case.

Which means perhaps I have to do it in the java iview itself. But not sure how to do that. Can you suggest how I can get around this problem. Thanks.

Sunil

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
0 Kudos

I guess that I didn't actually answer the question that you asked like so many people around here. To get the roles a logged on user has the code is similar to the below.

Compile this into a par file and import into the portal and you will have a master iView. This works for EP5 SP5.

Jon

import com.sapportals.portal.prt.component.*;

import com.sapportals.portal.prt.resource.*;

import com.sapportals.portal.security.usermanagement.*;

public class TestProject1 extends AbstractPortalComponent

{

public void doContent(IPortalComponentRequest request,

IPortalComponentResponse response)

{

IPortalComponentProfile userProfile = request.getComponentContext().getProfile();

IUser loggedOnUser =

(IUser)request.getUser().getUser();

response.write("<br>The roles you are in are:<br>");

for (int i=0; i< loggedOnUser.getRoles().length; i++) {

response.write(loggedOnUser.getRoles()<i> + "<br>");

} // end for

} // end doContent()

} // end class

Former Member
0 Kudos

Isn't there a small bug in the for loop.

Seems to me it will print the first role many times and none of the others.

But thanks for the code!

Former Member
0 Kudos

Looking at what is here yes there is what could be construed as a bug. During the copy/paste and reformatting to show nicely on the screen I must have accidently cut out the "<i>" after the ".getRoles()".

Sorry about that.

Former Member
0 Kudos

Huh, look at that. The open bracket, i, and close bracket are stripped out by the forum software. Well at least here these characters are gone. Maybe I didn't remove them after all during the reformatting.

Former Member
0 Kudos

The Roles in the portal are there only to determine the navigation at the iView/Page/workset level.

Roles do make a difference at the repository level. If I have role glbITRole and the permissions on a directory ( i.e. /documents/IT ) are 'full' for the glbITRole and non-existant for role ameACCTRole which you have, then you will not be able to see any documents in that directory.

Jon

Former Member
0 Kudos

Hi,

Looks like the problem is even bigger. A user who does not have access to a role in EP5.0 can still access the pages and iviews beneath it by accessing the URL directly via.

http://abc.com/SAPPortal/?NavigationTarget=/roles/PODemoRole/PODemo/PurchaseOrder/PODemo_CreatePOPag...

Now I have tested this so that the user who logs on to the portal most certainly does not have access to the role PODemoRole. But still the portal directs the user to the PODemo_CreatePOPage page. There is surely a fix to this. We have EP5.0 Patch 1 Hotfix 10.

If anyone has encountered the same problem, and found a fix please advise. Thanks.

Sunil