A User object represents someone who can log into the system. When a Person needs to access the system, they are given a username and password, stored as a row in the users table. The users table has a foreign-key column pointing to the associated person id. This means that one Person can have multiple User accounts for multiple logins.
Users are given permissions through Roles. Each Role has a set of Privileges assigned to it. Those atomic privileges are used in the code to restrict access to different parts of the API.
To check whether the current user has a given privilege, use Context.hasPrivilege().
A User object represents a Person who can log into the system.
Properties on a User:
- userId: the database's integer used to identify the object.
- person: the Person associated with the user.
- systemId: a unique identifier assigned to each user.
- username: the username for the user.
- email: the email address for the user.
- roles: a list of roles attributed to the user.
- userProperties: the properties of the user.
The User class source code can be seen here.
The UserService class source code can be seen here.
A module demonstrating how to use this class can be seen here.
Roles are hierarchical. A role inherits privileges from its parent. A user can have multiple roles, and a role can have multiple privileges.
Properties on a Role:
- role: the role assigned to the user.
- privileges: the privileges for this role.
- inheritedRoles: the roles that extend or inherit this role.
- childRoles: roles that are children of this role.
The Role class source code can be seen here.
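The inheritance rule described above, as an added example that is not OpenMRS code: a self-contained Java model that computes a user's effective privileges across a role hierarchy and denies anything not explicitly granted, even when the hierarchy has been misconfigured into a cycle. The `SimpleRole` class, its `parents` field, and the role and privilege names are assumptions made for illustration.

```java
import java.util.*;
// Self-contained model of hierarchical roles; these are not the OpenMRS classes.
public class RolePrivilegeDemo {
    // Hypothetical stand-in for a Role: a name, its own privileges, its parent roles.
    static final class SimpleRole {
        final String name;
        final Set<String> privileges = new HashSet<>();
        final Set<SimpleRole> parents = new HashSet<>();
        SimpleRole(String name, String... privs) {
            this.name = name;
            privileges.addAll(Arrays.asList(privs));
        }
    }

    // Collect a role's own privileges plus everything inherited from its ancestors.
    // The visited set stops the walk if the hierarchy contains a cycle.
    static void collect(SimpleRole role, Set<SimpleRole> visited, Set<String> out) {
        if (!visited.add(role)) return;
        out.addAll(role.privileges);
        for (SimpleRole parent : role.parents) {
            collect(parent, visited, out);
        }
    }

    // Effective privileges of a user: the union over all assigned roles.
    static Set<String> effectivePrivileges(Collection<SimpleRole> userRoles) {
        Set<String> out = new TreeSet<>();
        Set<SimpleRole> visited = new HashSet<>();
        for (SimpleRole r : userRoles) collect(r, visited, out);
        return out;
    }

    // Deny by default: only an exact privilege name match grants access.
    static boolean hasPrivilege(Collection<SimpleRole> userRoles, String privilege) {
        return privilege != null && effectivePrivileges(userRoles).contains(privilege);
    }

    public static void main(String[] args) {
        // Constructed sample data.
        SimpleRole viewer = new SimpleRole("Viewer", "View Patients");
        SimpleRole clerk = new SimpleRole("Data Clerk", "Edit Patients");
        clerk.parents.add(viewer);   // Data Clerk inherits Viewer's privileges
        viewer.parents.add(clerk);   // deliberate misconfiguration: a cycle
        List<SimpleRole> roles = Collections.singletonList(clerk);
        System.out.println(effectivePrivileges(roles));
        System.out.println(hasPrivilege(roles, "Delete Patients"));
    }
}
```

When auditing who can reach a restricted part of the API, review the effective set rather than each role's own privilege list, because a privilege granted on a parent role reaches every role below it.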
Privilege is a property of a Role.
Properties on a Privilege:
- privilege: the name of the privilege.
The Privilege class source code can be seen here.
A set of key-value pairs used to store user-specific data. Something like:
Here is a class diagram for User and related classes.