In addition to providing access to security information within the web application code, the security system of the platform provides access to security information within action sequences. The information then can be used in JavaScript rules, presented in reporting prompts, provided as input to SQL Lookup Rules, etc.
If you look at the inputs section of an action sequence, you will see inputs typically defined like this:
<inputs> <someInput type="string"> <sources> <request>someInput</request> </sources> </someInput> </inputs>
In the above example, the input (called someInput) can be found by looking at the request (HttpServletRequest, PortletRequest, etc.) for a variable called someInput. Then, throughout the rest of the action sequence, specific actions can reference that input.
Security Inputs
Pentaho BI Platform extends the inputs to provide a unique type of input--the security input. The following input names are supported:
| Input Name | Type | Description |
|---|---|---|
| principalName | string | The name of the currently authenticated user. |
| principalRoles | string-list | The roles that the currently authenticated user is a member of. |
| principalAuthenticated | string | true if the user is authenticated, false otherwise. |
| principalAdministrator | string | true if the user is considered a Pentaho Administrator, false otherwise. |
| systemRoleNames | string-list | All the known roles in the system. Use caution since this list could be quite long. |
| systemUserNames | string-list | All the users known to the system. Use caution since this list could be quite long. |
Example
The following input section will get the list of the user's roles, and make it available to all the actions in the action sequence:
<inputs> <principalRoles type="string-list"> <sources> <security>principalRoles</security> </sources> </principalRoles> </inputs>