‘Tweak Thursdays’ has reached its 10th post. And I am happy to write it. Of course, we are going to continue this series.  Don’t even have an iota of doubt about it.

On a critical week of project delivery, we were all set to release the project which was built on XPages. As we were in the process of peer review, I found a code written in Server-Side Java Script (SSJS) which was meant to check whether a specific role was enabled in the database ACL for the current user. I have given below, the code which was written by my colleague.

function isRoleEnabled(roleName)
{
var enabled = false;
var acl:NotesACL = database.getACL();
var entry:NotesACLEntry = acl.getEntry(@Name(“[Abbreviate]”,@UserName()));
if(entry!=null){
if(entry.isRoleEnabled(roleName)){
enabled = true
}
}
return enabled;
}

The above code works fine for a person who is listed explicitly in the ACL but doesn’t work for a person/server group. This code is very similar to the one given below.

var @UserRoles = function() {
return context.getUser().getRoles().toArray();
};
function isRoleEnabled(roleName){
return (@IsMember(roleName,@UserRoles())) ? true : false;
}

Our ultimate goal was to check if a role was enabled for the current user who could be listed explicitly or as a group in the database ACL. As an example, Bob may have an explicit role listed against his User Name as Designer and a Role as HQStaff in a group called Employees. Assume that our code needs to check if Bob has a role HQStaff in the current database. For this, we need to first see if the role has been specified against his username and if not, find all his groups which are relevant to the database and then see if he has the role HQStaff in any one of them.

For this scenario, @UserNamesList could have been helpful, but it is just not available for XPages. So, we tried to use session.getUserNameList() to achieve the objective, but the attempt was in vain.

Then I thought of using session.getUserGroupNameList() in conjunction with my colleague’s code. This was due to the fact that session.getUserGroupNameList() returns the groups which the user belongs to from the Domino Directory or Personal Address Book where the program is running.

Instead of passing the current user’s abbreviated name in the getEntry() method, I have passed the current user’s group names through a loop. We achieved our goal through the following code.

 

var @UserRoles = function() {
return context.getUser().getRoles().toArray();
};
function isRoleEnabled(roleName){
var roleEnabled = false;

//If a person is listed explicitly in the ACL, “IF LOOP” will be executed

//If a person is a member of a group that’s listed in the ACL, “ELSE LOOP” will be executed

roleEnabled = (@IsMember(roleName,@UserRoles())) ? true : false;
if(roleEnabled==true){
return roleEnabled;
}
else{

//Get the current user’s group name list

var groupList = session.getUserGroupNameList().toArray();
var acl:NotesACL = database.getACL();
var entry:NotesACLEntry;
for(cnt=0; cnt < groupList.length; cnt++){
entry = acl.getEntry(groupList[cnt].toString())
if(entry!=null){
if(entry.isRoleEnabled(roleName)){
roleEnabled = true
}
}
}
return roleEnabled;
}
}