Joget DX Preview Release Available for Download

Check out Joget DX, the next generation successor to Joget Workflow for faster, simpler digital transformation.

Skip to end of metadata
Go to start of metadata
Description

Active Directory schemas often comes with a plethora of customizations to cater to the specific requirements of an organization.

The sample code snippet below can be used in Bean Shell Permission, to retrieve the values of your custom user object attribute, to perform permission logic.

This guide is applicable for all permission types, e.g: Form Permission, Userview Category Permission, etc.
import java.util.Map;
import org.joget.directory.model.User;
import org.joget.plugin.ldap.model.UserLDAPImpl;
import javax.naming.directory.Attributes;

public boolean isAuthorized(User user, Map params) {

    /* 
    'user' parameter is current user
    'user' parameter is of User object, UserLDAPImpl extends User
    */

    // Check if current user is not anonymous & current user belongs to AD user
    if (user != null && user instanceof UserLDAPImpl) {

        // Cast 'user' object to UserLDAPImpl
        UserLDAPImpl ldapUser = (UserLDAPImpl) user;

        // Re-use method getAttributes() to get user details
        Attributes attrs = ldapUser.getAttributes();

        //Change the attribute name here to suit your requirements
        String attributeName = "cn";
        if (attrs.get(attributeName) != null) {

            //This is how to retrieve attribute values
            System.out.println(attrs.get(attributeName).get().toString());

            /*
            Perform your permission logic for AD users here
            */
        }
    } else if (user != null && !(user instanceof UserLDAPImpl)) {
        /*
        Handle permission logic for non-AD users
        */
    } else {
        return false;
    }
}

//call isAuthorized method with injected variable
return isAuthorized(user, requestParams);

 

 

 

  • No labels