I see no obvious way from the CUBA REST-API page to obtain a list of associated roles for the currently granted user. In the context of the rest-api, you firstly obtain an access_token which in the background is presumably associated to a user, hence obtaining the user roles shouldn’t be a big issue.
As included in the documentation in the afore mentioned documentation page, I am able to retrieve a list of the roles registered in the system, but not the concrete roles associated with the logged in user.
Since I have an access_token instead of a user id, I don’t see an easy way to do this.
Solved it by creating a specific purpose service and enabling it following the indications of section 4.9 Service Method Invokation in the CUBA REST-API reference.
The service method executes the following in order to read the roles associated to the logged in user:
public List<String> getRolesForCurrentUser(String accessToken) throws Exception{
ArrayList<String> al = new ArrayList<String>();
User u = AppBeans.get(UserSessionSource.class).getUserSession().getUser();
List<UserRole> userRoles = u.getUserRoles();
for (int i = 0; i < userRoles.size(); i++) {
al.add(userRoles.get(i).getRole().getName());
}
return al;
}
Since values are retrieved and converted to JSON I prefer to return plain strings to simplify processing in the other end.
Thanks for a good documentation. If there’s a better solution, I am glad to hear it.