4.3 - Session Permissions

List<Permission> sessionPermissions( Session session ) throws SecurityException

This function returns the permissions of the session, i.e., the permissions assigned to its authorized roles.

The function is valid if and only if the session is a valid Fortress session.

Parameters:

  • session - object contains the user’s returned RBAC session from the createSession method.

Returns:

  • List containing permissions active for user’s session.

Throws:

  • SecurityException - is thrown if runtime error occurs with system.

sessionPermissions

import org.apache.directory.fortress.core.AccessMgr;
import org.apache.directory.fortress.core.AccessMgrFactory;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.core.model.Permission;

@test
public static void testSessionPermissions( Session session )
{
    String szLocation = ".testSessionPermissions";
    try
    {
        // Instantiate the AccessMgr implementation.
        AccessMgr accessMgr = AccessMgrFactory.createInstance();
        
        // Using Session object returned from createSession
        List<Permission> perms = accessMgr.sessionPermissions( session );
        assertNotNull( perms );
        for ( Permission perm : perms  )
        {
            // A Permission consists of an object name and operation name.
            LOG.info( szLocation + " user [" + session.getUserId() + "] permission object ["
            + perm.getObjName() + "] operation name [" + perm.getOpName() + "]" );
        }
    }
    catch ( SecurityException ex )
    {
        LOG.error( szLocation + " caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), ex );
        fail( ex.getMessage() );
    }
}