public class Authentication
extends java.lang.Object
 The intended usage is that a server authentication system would require the
 user to log in,  then provide data about the currently logged in user via Auth.setCurrentUser()  and setRoles().  This data is then available in the  Rule Scope so that components can use it to enable or disable or hide
 themselves, via properties such as FormItem.readOnlyWhen. 
 The format for user records is not explicitly defined or restricted by the Authentication 
 subsystem but we recommend using the format described by getUserSchema().
 Having a standardized user record allows application designers to rely on a  well-known set of
 field names at design time, and then at deployment time when a  particular authentication system is chosen, the deployer
 can simply fill in the  standardized user record from the data that the chosen authentication system returns.   This
 also allows authentication systems to be swapped out in the future without  the need to change application code. 
 The
 DataSource returned by getUserSchema() is used solely for
 visual  tools to help with application authoring.
 It is not intended to be used directly to store and retrieve user
 data, and while we recommend this format it is not a requirement that user records conform to it. 
 There are no
 security implications to calling setRoles() or other APIs on the Authentication class. The
 provided data affects only  client-side components.  All actual security enforcement must be done server-side -  see the
 QuickStart Guide, especially the sections on Declarative Security,  to understand how role-based authorization can be
 used on the server.
| Constructor and Description | 
|---|
| Authentication() | 
| Modifier and Type | Method and Description | 
|---|---|
| static java.lang.String[] | getAvailableRoles()Returns the full set of available user roles specified by  setAvailableRoles(). | 
| static Record | getCurrentUser()Returns the current user specified by  setCurrentUser(). | 
| static java.lang.String | getCurrentUserId()Convenience method to return the  "userId"attribute of thecurrent userif there is one. | 
| static java.lang.String[] | getRoles()Returns the current set of user roles. | 
| static DataSource | getUserSchema()Returns a DataSource describing the standard schema for user data. | 
| static java.lang.Boolean | hasRole(java.lang.String role)Is the current user assigned to the specified role? | 
| static void | isSuperUser(java.lang.Boolean isSuperUser)Has the current user been marked as a super-user via  setSuperUser()? | 
| static void | setAvailableRoles(java.lang.String[] roles)Specify the full set of available user roles. | 
| static void | setCurrentUser(Record user)Set up the current user. | 
| static void | setRoles(java.lang.String[] roles)Set the user roles for the current user. | 
| static void | setSuperUser(java.lang.Boolean isSuperUser)Mark the current user as a super-user. | 
public static java.lang.String[] getAvailableRoles()
setAvailableRoles().public static Record getCurrentUser()
setCurrentUser(). 
  This method returns the user record currently available in the  Canvas.ruleScope as "auth.currentUser".
public static java.lang.String getCurrentUserId()
"userId" attribute of the current user if there is one.current user record if there
 is one.public static java.lang.String[] getRoles()
super users this
 will be the intersection of any roles specified by  setRoles()
 and the full set of available roles  - otherwise it
 will be the set of roles specified by setRoles().  Current
 set of user roles are available in the Canvas.ruleScope  as a
 top-level property "userRoles", so that it can be used in criteria such as  Canvas.visibleWhen or FormItem.readOnlyWhen.
public static DataSource getUserSchema()
The schema contains the following fields:
| Field Name | Type | 
| "userId" | "text" | 
| "email" | "text" | 
| "firstName" | "text" | 
| "lastName" | "text" | 
| "title" | "text" | 
| "phone" | "phoneNumber" | 
| "superUser" | "boolean" | 
public static java.lang.Boolean hasRole(java.lang.String role)
role - role to check in current rolesgetRoles() list; false
 otherwisegetRoles()public static void isSuperUser(java.lang.Boolean isSuperUser)
setSuperUser()?isSuperUser - New super user statuspublic static void setAvailableRoles(java.lang.String[] roles)
 Note that if the current user has been marked as a  superUser, getRoles() will return the full set of available roles.
roles - full set of possible user roles.public static void setCurrentUser(Record user)
Canvas.ruleScope as "auth.currentUser".user - Record with attributes detailing the current userpublic static void setRoles(java.lang.String[] roles)
getRoles().  Calling setRoles() makes the specified set of user
 roles available in the Canvas.ruleScope  as a top-level property
 "userRoles", so that it can be used in criteria such as  Canvas.visibleWhen or FormItem.readOnlyWhen. 
 
 Note that if this current user has been marked as a
 super-user, getRoles() will return the full set of available
 roles rather than the set of roles specified here.
roles - set of roles which apply to the current userpublic static void setSuperUser(java.lang.Boolean isSuperUser)
getRoles()
 to return the full set of available roles if specifiedisSuperUser - New super user status