9.1. The User Membership API

The User Membership supported by the service endpoint contains a list of MembershipUser objects. Each object represents a domain user and its permissions to access the service. Let’s take a look at the MembershipUser interface members:

public interface MembershipUser
{
    long getId();
    String getName();
    String[] getRoles();
    boolean hasRoles();
    boolean isInRole(String role);
    boolean isGuest();
    boolean isStatelessGuest();
    boolean isRemoved();
}
  • getId – returns the user’s ID. For a guest, this is 0, otherwise a positive value. Unlike the username, it never changes;
  • getName – returns the username. It can be changed by the administrator on the domain management page;
  • getRoles – if the service employs a role-based access control, it returns the list of roles assigned to the user on the site;
  • hasRoles – returns true if the user has any role;
  • isInRole – checks if the user in the given role;
  • isGuest – returns true if the membership user is a guest, otherwise false;
  • isStatelessGuest – returns true if the membership user is a stateless guest, otherwise false. If it is a stateless guest, it is also a guest;
  • isRemoved – returns true if the user has been removed from the list of authorized users on the site.

ServiceEndpoint has three API methods to access membership users other than Guest and Stateless Guest. The getUsers method returns all users:

public MembershipUser[] getUsers()

The next method returns a membership user by user ID:

public MembershipUser findUser(long userId)

The third method is a findUser overload to look up a user by name:

public MembershipUser findUser(String userName)

If Guest or Stateless Guest users are declared as supported in the site structure, then the User Membership module contains the corresponding users of type MembershipUser. Explicit access to them does not make any practical sense. Therefore, the methods described above do not return them. However, the request context, which is the first parameter of any request handler, can contain a guest user in the user field.

A service application can check if Guest is allowed by calling the following method of ServiceEndpoint class:

public boolean isGuestAllowed()

It’s worth noting that Guest and Stateless Guest are both guest users, and the return value of isGuestAllowed is valid for both.

In the end, Let’s look at how to enumerate the entire list of membership users:

MembershipUser[] users = serviceEndpoint.getUsers();
for(MembershipUser user: users)
{
    System.out.println(user.getName());
    for(String role: user.getRoles()) {
        System.out.println("  " + role);
    }
}

TABLE OF CONTENTS