api session - SAP-archive/xsk GitHub Wiki
Represents the Session with its fields and methods.
- SAP Help
https://help.sap.com/doc/3de842783af24336b6305a3c0223a369/2.0.03/en-US/$.Session.html
- Module
- Sample usage:
var session = $.session;
var response = require('http/v4/response');
var username = session.getUsername()
var timeout = session.getTimeout()
var token = session.getSecurityToken()
var authType = session.authType
// Check the language of the session
response.println("Session language: " +session.language)
// Check if a particular user has the "Administrator" role
if (username === "dirigible" && session.hasAppPrivilege("Administrator")) {
// Check a specific system privilege for that user
if (session.hasSystemPrivilege("Dirigible")) {
// Perform some operation with his session's information
response.println("Username: " +username+ " with session authentication type: " +authType+ " token: " +token+ " and timeout " +timeout);
}
} else {
// Assert that the user is a Developer in all other cases
try {
session.assertAppPrivilege("Developer");
// Check the authentification type
if (authType === "BASIC") {
// Use the information from the current session
response.println("Username: " +username+ " with session authentication type: " +authType+ " token: " +token+ " and timeout " +timeout);
}
} catch(error) {
//Display the missing role that was being asserted
response.println("User does not have the role: " +error.privilege)
}
}
// After all calls are complete, check the invocation count of the current session
response.println("Invocation count: " +session.getInvocationCount());- Coverage
| Members | Description | Status |
|---|---|---|
| authType | Authentication method that was used for the current session. | ✅ |
| language | Language of the session in IETF (BCP 47) format. | ✅ |
| samlAttribute | Provides the detailed content of the AttributeStatement tag which can be part of a SAML assertion. | ❌ |
| samlUserInfo | Provides the materialized content of the AttributeStatement tag which can be part of a SAML assertion. | ❌ |
| Methods | Description | Status |
|---|---|---|
| assertAppPrivilege(privilegeName) | Asserts that the logged-on user has a specified application privilege. | ✅ |
| assertSystemPrivilege(privilegeName) | Asserts that the logged-on user has a specified system privilege. | ✅ |
| getInvocationCount() | Returns the number of requests sent to the current session. | ✅ |
| getSecurityToken() | Returns unique session-specific token that could be used for XSRF prevention. | ✅ |
| getTimeout() | The timeout of the XS session in seconds. | ✅ |
| getUsername() | Returns the username of the logged-on database user. | ✅ |
| hasAppPrivilege(privilegeName) | Checks whether the logged-on user has a specified application privilege. | ✅ |
| hasSystemPrivilege(privilegeName) | Checks whether the logged-on user has a specified system privilege. | ✅ |
- Issues
- Unit Tests
- Integration Tests ❌
✅ - Feature implemented and working as supposed.
❌ - Feature not implemented yet.