Package com.sap.cds.services.authorization

Interface AuthorizationService

All Superinterfaces:
Service
public interface AuthorizationService extends Service
Technical service for checking authorization on service or entity level for the current user.

  • Field Details

  • Method Details

    • hasServiceAccess

      boolean hasServiceAccess(String serviceName, String event)
      Checks if the current user is allowed to access the given service. Services might be restricted on basis of roles and events.
      Parameters:
      serviceName - The (fully-qualified) name of the service
      event - The event
      Returns:
      true in case of permission, false otherwise

    • hasEntityAccess

      boolean hasEntityAccess(String entityName, String event)
      Checks if the current user is allowed to access the given entity. Entities might be restricted on basis of roles, events and instance based conditions.
      Parameters:
      entityName - The (fully-qualified) name of the entity
      event - The event
      Returns:
      true in case of permission, false otherwise

    • hasEntityAccess

      boolean hasEntityAccess(String entityName, String event, com.sap.cds.ql.cqn.CqnStatement query)
      Checks if the current user is allowed to access the entity via the given query. Authorizations for auto-exposed entities may be derived from an entity on the path. Entities might be restricted on basis of roles, events and instance based conditions.
      Parameters:
      entityName - The (fully-qualified) name of the entity
      event - The event
      query - The query defining the access path
      Returns:
      true in case of permission, false otherwise

    • hasFunctionAccess

      boolean hasFunctionAccess(String entityName, String functionName)
      Checks if the current user is allowed to access the given function. Functions might be restricted on basis of roles or instance based conditions.
      Parameters:
      entityName - The (fully-qualified) name of the entity in case of bound function
      functionName - The name of the function, full-qualified in case of unbound function
      Returns:
      true in case of permission, false otherwise

    • hasActionAccess

      boolean hasActionAccess(String entityName, String actionName)
      Checks if the current user is allowed to access the given action. Actions might be restricted on basis of roles or instance based conditions.
      Parameters:
      entityName - The (fully-qualified) name of the entity in case of bound action
      actionName - The name of the action, full-qualified in case of unbound action
      Returns:
      true in case of permission, false otherwise

    • calcWhereCondition

      com.sap.cds.ql.cqn.CqnPredicate calcWhereCondition(String entityName, String event)
      Calculates a CqnPredicate which reflects the 'where' conditions for the given entity and event.
      Parameters:
      entityName - The (fully-qualified) name of the entity
      event - The event
      Returns:
      The predicate or null if there is no limitation