A server interface method is provided to enable authorization to be performed directly. This method may be added to a class that manipulates data on the conceptual element being secured by the new SID type.
curam.util.security.Authorisation.isSIDAuthorised()
A usage example of this method is below:
// The SID associated with the conceptual element // to be secured. String someSID = "someSID"; // Get the logged in username String loggedUser = curam.util.transaction.TransactionInfo.getProgramUser(); // Check if the user has access rights if (curam.util.security.Authorisation.isSIDAuthorised( someSID, loggedUser)) { // Do something sensitive that this user has rights to do ... } else { // Throw an exception indicating the user doesn't have // access to perform this action AppException exception = new AppException(MESSAGE.ERR_USER_NO_ACCESS); throw exception; }