Privileged [@since 7.0]
The privileged
object contains utility methods to perform "do-as" operations in WebApps/RESTApps. Use require('privileged')
in a server side context of a WebApp/RESTApp to retrieve the object.
const privileged = require('privileged');
Important Note! A WebApp/RESTApp that wants to use the privileged utility must state usage of it in its manifest!
The require operation will return null for apps that hasn't explicitly stated the requirePrivileged
option.
// manifest.json
{
"id": "privilegedApp",
"version": "0.1",
"type": "WebApp",
"name": "The privileged app",
"author": "The Company Inc",
"requirePrivileged": true // States that this app will use "privileged"
}
Methods
privileged.isConfigured()
Returns true if there are a service user configured for usage for the app. Returns false if not.
privileged.getPrivilegedActionUser()
Gets the user the privileged action will run as. Will be null if isConfigured is false.
privileged.doPrivilegedAction(callback)
Executes a callback function as the privileged action user. Callback will be executed as current user if isConfigured is false.
Example
This example returns JSON information about current user outside and within the privileged mode.
// index.js
(function () {
'use strict';
const router = require('router');
...
router.get('/do-as', (req, res) => {
const properties = require('Properties');
const contextUtil = require('PortletContextUtil');
const privileged = require('privileged');
// Get name of current user, i.e. the invoker of this route
const visitorName = properties.get(contextUtil.getCurrentUser(), 'displayName');
// Execute code in privileged mode
privileged.doPrivilegedAction(() => {
// Get name of current user when executing code in this privileged mode
const runningAsName = properties.get(contextUtil.getCurrentUser(), 'displayName')
res.json({
privileged: privileged.isConfigured(),
currentUser: visitorName,
runningAsUser: runningAsName
});
});
});
})();