Best way to determine if current user is an admin user?

jnash67 · December 2, 2016, 12:04am

The following seems to work. Is this the way you’re supposed to determine if a user is an admin user or is there a better way?


        boolean adminUser = false;
        List<UserRole> urs = userSessionSource.getUserSession().getUser().getUserRoles();

        for (UserRole ur : urs) {
            if (ur.getRole().getType().equals(RoleType.SUPER)) {
                adminUser = true;
            }
        }
        if (adminUser) {
            showNotification("Admin user logged in");
        } else {
            showNotification("NON-Admin user logged in");
        }

krivopustov · December 2, 2016, 6:38am

It will work until you change the Administrators role and make it not SUPER. Or just remove all roles from the “admin” user. Take into account also that any user without roles equals in rights to admin.

So you have to define what admin means: for example, a user with SUPER role or without roles at all. Or a user which has some specific permission.