PrincipalUtils

Utility class with static helper methods for querying the current user's identity, roles, tenant, and authentication context from the Spring Security context. All methods are static.

Methods that access the current security context (e.g. getUser(), getRoles()) require a valid authenticated security context. In cron tasks or background threads, use the token-based overloads (getUserByToken, getTenantIdByToken) or DbSessionManager to obtain authentication for a known token.

Current user

getUser

Description:

| Method | Return values | Description |
|---|---|---|
| getUser() | String | Returns the username of the currently authenticated user from the Spring Security context. |

Example:

System.out.println(PrincipalUtils.getUser()); // "jsmith"

isUser

Description:

| Method | Return values | Description |
|---|---|---|
| isUser(String userId) | boolean | Returns true if the currently authenticated user has the given username. |

getUserByToken

Description:

| Method | Return values | Description |
|---|---|---|
| getUserByToken(String token) | String | Returns the username associated with the given session token. Throws AccessDeniedException if the token is not found. |

Tenant

getTenantId

Description:

| Method | Return values | Description |
|---|---|---|
| getTenantId() | long | Returns the tenant ID of the currently authenticated user. Falls back to Config.DEFAULT_TENANT_ID if the tenant cannot be resolved. |

Example:

long tenantId = PrincipalUtils.getTenantId();
System.out.println("Tenant: " + tenantId);

getTenantIdByToken

Description:

| Method | Return values | Description |
|---|---|---|
| getTenantIdByToken(String token) | long | Returns the tenant ID associated with the given session token. Throws AccessDeniedException if the token is not found. |

Roles

getRoles

Description:

| Method | Return values | Description |
|---|---|---|
| getRoles() | Set<String> | Returns the set of role names granted to the currently authenticated user. Returns an empty set if not authenticated. |

hasRole

Description:

| Method | Return values | Description |
|---|---|---|
| hasRole(String role) | boolean | Returns true if the currently authenticated user has the given role. |

Example:

if (PrincipalUtils.hasRole("ROLE_ADMIN")) {
    System.out.println("User is admin");
}
Set<String> roles = PrincipalUtils.getRoles();
System.out.println("Roles: " + roles);

User type checks

isRegularUser

Description:

| Method | Return values | Description |
|---|---|---|
| isRegularUser() | boolean | Returns true if the current user does not have the default admin role. |

isAdminUser

Description:

| Method | Return values | Description |
|---|---|---|
| isAdminUser() | boolean | Returns true if the current user has the default admin role. |

isSystemUser

Description:

| Method | Return values | Description |
|---|---|---|
| isSystemUser() | boolean | Returns true if the current user is the internal system user used for background operations. |

isSuperUser

Description:

| Method | Return values | Description |
|---|---|---|
| isSuperUser() | boolean | Returns true if the current user is the default administrator user (okmAdmin). |

hasFullAccess

Description:

| Method | Return values | Description |
|---|---|---|
| hasFullAccess() | boolean | Returns true if the current user has unrestricted access to the repository, i.e. is the system user, the superuser, or has the admin role. |

Example:

package com.openkm;

import com.openkm.principal.PrincipalUtils;

public class Test {

    public static void main(String[] args) {
        try {
            System.out.println("User: " + PrincipalUtils.getUser());
            System.out.println("TenantId: " + PrincipalUtils.getTenantId());
            System.out.println("IsAdmin: " + PrincipalUtils.isAdminUser());
            System.out.println("HasFullAccess: " + PrincipalUtils.hasFullAccess());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

Authentication access

getAuthentication

Description:

| Method | Return values | Description |
|---|---|---|
| getAuthentication() | Authentication | Returns the Spring Security Authentication object for the current request. Tries the custom SecurityHolder, then SecurityContextHolder, then the HTTP request. Returns null if no authenticated user is found. |

getAuthenticationByToken

Description:

| Method | Return values | Description |
|---|---|---|
| getAuthenticationByToken(String token) | Authentication | Returns the Spring Security Authentication object for the given session token. Throws AccessDeniedException if the token is not found in DbSessionManager. |

getRemoteAddress

Description:

| Method | Return values | Description |
|---|---|---|
| getRemoteAddress() | String | Returns the remote IP address of the currently authenticated user, or null if not available. |
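
The context-based methods need an authenticated security context, and getRoles() is documented to return an empty set without one, so a cron task or background thread should take both identity and roles from its token and deny on any lookup failure. The following is an added example, not OpenKM's own code: TokenJobGuard, its methods and PLACEHOLDER_TOKEN are hypothetical, and it assumes role names appear as granted-authority strings on the Authentication object.

```java
package com.openkm;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

import com.openkm.principal.PrincipalUtils;

// Added example: TokenJobGuard and its methods are hypothetical, not part of OpenKM.
public class TokenJobGuard {

    /** Background thread: "user@tenantId" for a known token, or null if it is rejected. */
    public static String callerForToken(String token) {
        try {
            return PrincipalUtils.getUserByToken(token) + "@" + PrincipalUtils.getTenantIdByToken(token);
        } catch (Exception e) {
            // Documented as AccessDeniedException for an unknown token; its package is not
            // given on the page, so catch broadly and treat every failure as a denial.
            return null;
        }
    }

    /** Background thread: true only if the token resolves and carries the given role. */
    public static boolean tokenHasRole(String token, String role) {
        try {
            Authentication auth = PrincipalUtils.getAuthenticationByToken(token);
            if (auth == null) {
                return false;
            }
            // Assumption: role names are exposed as granted-authority strings.
            for (GrantedAuthority authority : auth.getAuthorities()) {
                if (role.equals(authority.getAuthority())) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            return false; // unknown token or lookup failure: deny
        }
    }

    public static void main(String[] args) {
        String token = "PLACEHOLDER_TOKEN"; // constructed value; a real job is handed its token
        String caller = callerForToken(token);
        if (caller == null || !tokenHasRole(token, "ROLE_ADMIN")) {
            System.out.println("Token rejected or not admin, skipping job");
            return;
        }
        System.out.println("Running job as " + caller);
    }
}
```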