Authorization (Gateway Java OData Independent API 1.40.11 API)

java.lang.Object
- com.sap.cloud.sdk.service.prov.api.security.Authorization

Direct Known Subclasses:

AuthorizationDecorator, ContainerSecurityImpl
```
public abstract class Authorization
extends Object
```
Base class for all Authorization related APIs.

Constructor Summary

Constructors
Constructor and Description

Authorization()

Constructors
Constructor and Description
`Authorization()`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method and Description
`abstract String`	`getUserAttribute(String attributeName)` Returns the value for the specified attribute which is part of JWT.
`abstract String`	`getUserId()` Returns the ID of this current user.
`abstract String`	`getUserName()` Returns the name of this current user.
`String`	`getWhereCondition()` Gets the string that has to be updated in the SQL Query as a where condition.
`abstract boolean`	`hasEntityAccess(String entityName, String operation)` Checks if current user is granted access to access the given Odata entity to perform the given operation(READ/WRITE).
`abstract boolean`	`hasUserRole(String roleName)` Checks the current user has the given role or not.
`abstract boolean`	`isAuthenticatedUser(String serviceName)` Checks if current user is authenticated and given OData service requires authenticated user to access it.
`abstract boolean`	`isRegisteredUser(String serviceName)` Checks if current user is registered user and given OData service requires registered user to access it.
`void`	`rejectRequest()` It rejects the request and throws an Unauthorized Exception.
`void`	`setWhereCondition(String whereCondition)` Sets the string that has to be updated in the SQL Query as a where condition.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - Authorization
```
public Authorization()
```
- Method Detail
  - isAuthenticatedUser
```
public abstract boolean isAuthenticatedUser(String serviceName)
```
    Checks if current user is authenticated and given OData service requires authenticated user to access it. If there is no restriction defined for the service, It returns true.
    
    Parameters:
    
    serviceName - the OData service name.
    
    Returns:
    
    true if no rule found or satisfies rule, else false.
  - isRegisteredUser
```
public abstract boolean isRegisteredUser(String serviceName)
```
    Checks if current user is registered user and given OData service requires registered user to access it. If there is no restriction defined for the service, It returns true.
    
    Parameters:
    
    serviceName - the OData service name.
    
    Returns:
    
    true if no rule found or satisfies rule, else false.
  - hasEntityAccess
```
public abstract boolean hasEntityAccess(String entityName,
                                        String operation)
```
    Checks if current user is granted access to access the given Odata entity to perform the given operation(READ/WRITE). If no rule found, it returns false. (True only when an operation granted explicitly.)
    
    Parameters:
    
    entityName - the OData entity name.
    
    operation - READ or WRITE.
    
    Returns:
    
    true if no rule found or satisfies rule, else false.
  - getUserName
```
public abstract String getUserName()
```
    Returns the name of this current user.
    
    Returns:
    
    String containing the current principal's user name.
  - getUserId
```
public abstract String getUserId()
```
    Returns the ID of this current user.
    
    Returns:
    
    String containing the current principal's user id.
  - hasUserRole
```
public abstract boolean hasUserRole(String roleName)
```
    Checks the current user has the given role or not.
    
    Parameters:
    
    roleName - the role name.
    
    Returns:
    
    true if user has the given role otherwise false
  - getUserAttribute
```
public abstract String getUserAttribute(String attributeName)
```
    Returns the value for the specified attribute which is part of JWT. It supports fetching attribute values from first level JWT attributes, user attributes and system attributes.
    
    Parameters:
    
    attributeName - the attribute name same as in JWT token.
    
    Returns:
    
    String if user has the given value for given attribute otherwise null
  - getWhereCondition
```
public String getWhereCondition()
```
    Gets the string that has to be updated in the SQL Query as a where condition.
    
    Returns:
    
    where condition as a String.
  - setWhereCondition
```
public void setWhereCondition(String whereCondition)
```
    Sets the string that has to be updated in the SQL Query as a where condition. This is maintained request context level.
    
    Parameters:
    
    whereCondition - as String
  - rejectRequest
```
public void rejectRequest()
                   throws UnauthorizedException
```
    It rejects the request and throws an Unauthorized Exception.
    
    Throws:
    
    UnauthorizedException

Class Authorization

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

Authorization

Method Detail

isAuthenticatedUser

isRegisteredUser

hasEntityAccess

getUserName

getUserId

hasUserRole

getUserAttribute

getWhereCondition

setWhereCondition

rejectRequest