Reputation: 190
If the user has multiple roles, how to let the user choose one role to access to the application?
We have a xpage application that requires the user to login (use lotus notes id and password). If the user logins successfully, it will redirect the user to the designated page(e.g. home.xsp).
At the beginning, the application is simple, one user has one role in the application. Each role will have different functions and interface in the program. (this is also agreed with the users). Please imagine the table below is about the user and the user role.
Username | Role
Alan | admin
Ben | user
John | leader
Judy | developver
Sam | manager
Susan | senior
Tom | user
Recently, our users change their mind, they want to have multiple roles in the application. Please consider the following situation.
Username | Role
Alan | admin,leader
Ben | user, admin
John | leader, manager
Judy | developver
Sam | manager, user
Susan | senior,manager, user
Tom | user
According to the table above, some users have more that one role in the program. Due to each role will have different functions and interface in the program, we notice that if the user has multiple roles, the interface will look untidy and some functions will not work properly. Therefore we are thinking about to force the user chooses one role to login.
In the designated page(e.g. home.xsp), that page will show after the user successfully login. We try to find out whether the user has multiple roles or not, so we put the following code in beforePageLoad Event.
var roles = context.getUser().getRoles()
//if the user has multiple roles, force them to other page
if(roles.length > 1)
{
context.redirectToPage("chooserole.xsp");
}
else
{
//do nothing
}
In chooserole.xsp, the page will find the role that user have and then ask the user to choose one to login. So the page will look like this
<?xml version="1.0" encoding="UTF-8"?>
<xp:view xmlns:xp="http://www.ibm.com/xsp/core"><xp:label value="Please select user role" id="label1" style="margin-left:200.0px"></xp:label>
<xp:text escape="true" id="computedField2" rendered="false">
<xp:this.value><![CDATA[#{javascript:context.getUser().getRoles()
}]]></xp:this.value>
</xp:text><xp:br></xp:br>
<xp:radioGroup id="radioGroup1" layout="pageDirection" style="margin-left:100.0px" value="#{applicationScope.role}">
<xp:selectItems>
<xp:this.value><![CDATA[#{javascript:getComponent("computedField2").getValue();}]]></xp:this.value>
</xp:selectItems>
</xp:radioGroup>
<xp:br></xp:br>
<xp:button value="Login" id="button1" style="height:35.0px;margin-left:200.0px">
<xp:eventHandler event="onclick" submit="true" refreshMode="complete">
<xp:this.action><![CDATA[#{javascript:var rolevalue = getComponent("radioGroup1").getValue();
applicationScope.put(role,rolevalue);
context.redirectToPage("Home.xsp");}]]></xp:this.action>
</xp:eventHandler></xp:button><xp:button value="Cancel" id="button2" style="height:35.0px;margin-left:30.0px"></xp:button><xp:br></xp:br>
</xp:view>
When we use the multiple role account to run the program, the program can redirect us to the chooserole.xsp, however, in that page, no matter we choose which role, we just keep stay in chooserole.xsp.
We guess the problem is in the beforePageLoad part because in that part, we check the multiple roles, if the user has more than one role, it will redirect the user to the indicated page.
One thing we don't understand is in chooserole.xsp, we ask the user to select one role to login, when the user chooses one role, that role should direct the user to the home.xsp. However, the home.xsp seems "think" the user has multiple role, so it keeps the user in chooserole.xsp.
Did we do something wrong in the coding? we tried to remove the code in beforePageLoad and put in afterPageLoad but the program still keeps the user in chooserole.xsp.
Grateful for your advice please. Thank you.
References:
https://lostinxpages.com/2014/01/06/finding-user-roles-in-xpages/
Access Control with a multi database application
XPages: context.getUser().getRoles() working sporadically
http://flylib.com/books/en/2.348.1.172/1/
Upvotes: 2
Views: 2561
Answers (1)
Reputation: 30970
You test in home.xsp's beforePageLoad event if user has more then one role.
If yes, you redirect to chooserole.xsp. You let the user choose one role and put it into an applicationScope variable. Then you redirect back to home.xsp.
User has still more then one role. It redirects to chooserole.xsp ... welcome to infinitive loop.
Solution:
Use a sessionScope variable for user's one role (not an applicationScope variable as it's shared among all users) e.g. sessionScope.role.
Test in home.xsp's beforePageLoad event if sessionScope.role is undefined with
if (!sessionScope.containsKey("role")) { ...
If it is undefined then set it to the one role the user has or redirect to chooserole.xsp if user has more then one role.
Set sessionScope.role in chooserole.xsp to the role user has choosen and redirect back to home.xsp.
Now, sessionScope.role has a value (one role) and you can proceed with home.xsp content.
Make sure you test in your menus or wherever you use the one role for sessionScope.role and not context.getUser().getRoles() anymore.
Upvotes: 1
Related Questions
- Asp.net Web Application Role based authentication
- How can I control access for more than two roles in WPF Catel Framework?
- Role based authorization in asp.net
- In an XPiNC app, how can I launch one XPage vs. another based on Role
- role based authorization with window authentication in asp.net
- Login authentication depending on role winforms
- ASP.NET Membership/Roles - how to link user to multiple applications/roles?
- Role Management in asp.net
- Application Role management
- Variable Role Management