WebApps 2

privileged

The privileged object contains utility methods to perform "do-as" operations in WebApps. Available in a server side context of a WebApp.

import privileged from '@sitevision/api/server/privileged';

Important Note! A WebApp that wants to use the privileged utility must state usage of it in its manifest!

The require operation will return null for apps that hasn't explicitly stated the requirePrivileged option.

// manifest.json
{
   "id": "privilegedApp",
   "version": "0.1",
   "type": "WebApp",
   "name": "The privileged app",
   "author": "The Company Inc",
   "requirePrivileged": true    // States that this app will use "privileged"
}	

Methods

privileged.isConfigured()

Returns true if there are a service user configured for usage for the app. Returns false if not.

privileged.getPrivilegedActionUser()

Gets the user the privileged action will run as. Will be null if isConfigured is false.

privileged.doPrivilegedAction(callback)

Executes a callback function as the privileged action user. Callback will be executed as current user if isConfigured is false.

Example

This example returns JSON information about current user outside and within the privileged mode.

// index.js
import router from '@sitevision/api/common/router';
import properties from '@sitevision/api/server/Properties';
import portletContextUtil from '@sitevision/api/server/PortletContextUtil';
import privileged from '@sitevision/api/server/privileged';

router.get('/do-as', (req, res) => {
   // Get name of current user, i.e. the invoker of this route
   const visitorName = properties.get(
      portletContextUtil.getCurrentUser(),
      'displayName'
   );

   // Execute code in privileged mode
   privileged.doPrivilegedAction(() => {
      // Get name of current user when executing code in this privileged mode
      const runningAsName = properties.get(
         portletContextUtil.getCurrentUser(),
         'displayName'
      );

      res.json({
         privileged: privileged.isConfigured(),
         currentUser: visitorName,
         runningAsUser: runningAsName,
      });
   });
});