$.session

$.session represents the Session with its fields and methods.

Overview

Definition: https://github.com/SAP/xsk/issues/11
Module: session/session.js
Status: alpha

Sample Usage

var session = $.session;

var username = session.getUsername()
var timeout = session.getTimeout()
var token = session.getSecurityToken()
var authType = session.authType

// Check the language of the session
response.println("Session language: " +session.language)

// Check if a particular user has the "Administrator" role
if (username === "dirigible" && session.hasAppPrivilege("Administrator")) {
    // Check a specific system privilege for that user
    if (session.hasSystemPrivilege("Dirigible")) {
        // Perform some operation with his session's information
        $.response.setBody("Username: " + username + " with session authentication type: " + authType + " token: " + token + " and timeout " + timeout);
    }
} else {
    // Assert that the user is a Developer in all other cases
    try {
        session.assertAppPrivilege("Developer");
        // Check the authentification type
        if (authType === "BASIC") {
            // Use the information from the current session
            $.response.setBody("Username: " + username + " with session authentication type: " + authType + " token: " + token + " and timeout " + timeout);
        }
    } catch(error) {
        //Display the missing role that was being asserted
        $.response.setBody("User does not have the role: " + error.privilege);
    }
}

// After all calls are complete, check the invocation count of the current session
$.response.setBody("Invocation count: " + session.getInvocationCount());

Properties

Name	Description	Type
authType	Authentication method that was used for the current session.	`string/null`
language	Language of the session in IETF (BCP 47) format.	`string`
samlAttribute	Provides the detailed content of the AttributeStatement tag which can be part of a SAML assertion.	`Array.<$.Session~SamlAttributeObject>`
samlUserInfo	Provides the materialized content of the AttributeStatement tag which can be part of a SAML assertion.	`object`

Functions

Function	Description	Returns
assertAppPrivilege(privilegeName)	Asserts that the logged-on user has a specified application privilege.	`-`
assertSystemPrivilege(privilegeName)	Asserts that the logged-on user has a specified system privilege.	`-`
getInvocationCount()	Returns the number of requests sent to the current session.	`Number`
getSecurityToken()	Returns unique session-specific token that could be used for XSRF prevention.	`string`
getTimeout()	The timeout of the XS session in seconds.	`integer`
getUsername()	Returns the username of the logged-on database user.	`string`
hasAppPrivilege(privilegeName)	Checks whether the logged-on user has a specified application privilege.	`boolean`
hasSystemPrivilege(privilegeName)	Checks whether the logged-on user has a specified system privilege.	`boolean`