Skip to content
This repository has been archived by the owner on Aug 1, 2022. It is now read-only.

api session

Ayhan Rashidov edited this page Sep 27, 2021 · 5 revisions

$.session API

Represents the Session with its fields and methods.

Reference

  • SAP Help

https://help.sap.com/doc/3de842783af24336b6305a3c0223a369/2.0.03/en-US/$.Session.html

  • Module

https://github.com/SAP/xsk/tree/main/modules/api/api-xsjs/src/main/resources/META-INF/dirigible/xsk/session

  • Sample usage:
var session = $.session;
var response = require('http/v4/response');

var username = session.getUsername()
var timeout = session.getTimeout()
var token = session.getSecurityToken()
var authType = session.authType

// Check the language of the session
response.println("Session language: " +session.language)

// Check if a particular user has the "Administrator" role
if (username === "dirigible" && session.hasAppPrivilege("Administrator")) {
    // Check a specific system privilege for that user
    if (session.hasSystemPrivilege("Dirigible")) {
        // Perform some operation with his session's information
        response.println("Username: " +username+ " with session authentication type: " +authType+ " token: " +token+ " and timeout " +timeout);
    }
} else {
    // Assert that the user is a Developer in all other cases
    try {
        session.assertAppPrivilege("Developer");
        // Check the authentification type
        if (authType === "BASIC") {
            // Use the information from the current session
            response.println("Username: " +username+ " with session authentication type: " +authType+ " token: " +token+ " and timeout " +timeout);
        }
    } catch(error) {
        //Display the missing role that was being asserted
        response.println("User does not have the role: " +error.privilege)
    }
}

// After all calls are complete, check the invocation count of the current session
response.println("Invocation count: " +session.getInvocationCount());
  • Coverage
Members Description Status
authType Authentication method that was used for the current session.
language Language of the session in IETF (BCP 47) format.
samlAttribute Provides the detailed content of the AttributeStatement tag which can be part of a SAML assertion.
samlUserInfo Provides the materialized content of the AttributeStatement tag which can be part of a SAML assertion.
Methods Description Status
assertAppPrivilege(privilegeName) Asserts that the logged-on user has a specified application privilege.
assertSystemPrivilege(privilegeName) Asserts that the logged-on user has a specified system privilege.
getInvocationCount() Returns the number of requests sent to the current session.
getSecurityToken() Returns unique session-specific token that could be used for XSRF prevention.
getTimeout() The timeout of the XS session in seconds.
getUsername() Returns the username of the logged-on database user.
hasAppPrivilege(privilegeName) Checks whether the logged-on user has a specified application privilege.
hasSystemPrivilege(privilegeName) Checks whether the logged-on user has a specified system privilege.
  • Issues

https://github.com/SAP/xsk/issues/11

  • Unit Tests

https://github.com/SAP/xsk/tree/main/modules/engines/engine-xsjs/src/test/resources/test/xsk/session/session.xsjs

  • Integration Tests ❌

Wiki icons legend

✅ - Feature implemented and working as supposed.
⚠️ - Feature partially implemented and needs to be finished.
❌ - Feature not implemented yet.

Project

Architecture

Tips & Tricks

Infrastructure

Troubleshooting guide

Clone this wiki locally