1

In NetWeaver Portal it is possible to Import / Export roles. I want to create a custom tool which have the same behavior. How I can achieve this using JAVA code? I couldn't find any Classes or Interfaces to do this in UME API.

Note: The custom tool have many other functionalities and act as a centralized portal for all the JAVA systems.

Boghyon Hoffmann
  • 17,103
  • 12
  • 72
  • 170
Amir Suhail
  • 1,284
  • 3
  • 12
  • 31

1 Answers1

0

Utilize SAP Composition Environment set of APIs, particularly Security API

The com.sap.security.api namespace contains IUserAccountFactory factory has getUserAccount(s) method which returns IUserAccount object (array of objects). It has getRoles method which perfectly meets your needs.

Together with addToRole method you can implement export/import of roles.

You can try to serialize roles of specific user with this sample:

import java.io.*;
import com.sap.security.api.IUser;
import com.sap.security.api.UMFactory;
// getting current user
try {
IUser user = UMFactory.getAuthenticator().getLoggedInUser();

if (user == null) { throw new SecurityException("User is invalid"); }
// getting user roles
Iterator<String> roles = loggedInUser.getRoles(true);
// serializing roles
while (roles.hasNext()) {
            String roleId = roles.next();
            IRole role = UMFactory.getRoleFactory().getRole(roleId);

            FileOutputStream file = new FileOutputStream(filename); 
            ObjectOutputStream out = new ObjectOutputStream(file); 

            out.writeObject(role); 

            out.close(); 
            file.close();
            }
        } catch (Exception e) {
        logger.logError("[getAssignedRole] Error " + e.getMessage());
}
Suncatcher
  • 10,355
  • 10
  • 52
  • 90
  • Thanks for the answer, but you have said is correct for adding or removing roles, I want to export the role to txt file like portal, and if you are going to say we can write java code for export please share the details for how to get associated Actions of the roles as well like export work in the portal. – Amir Suhail Jun 03 '19 at 14:48
  • `how to get associated Actions of the roles` I assume there is no API for receiving actions, at least those I am aware of. There is [API](https://help.sap.com/doc/javadocs_nw74_sps12/7.4.12/en-US/CE/se/com.sap.se/com/sap/security/api/permissions/ActionPermission.html) for getting actions for permissions but there is no way to get permissions by user. – Suncatcher Jun 03 '19 at 17:21
  • I see the only way to export/import is serialization IRole object, as it implements *Serializable* interface. Added sample – Suncatcher Jun 03 '19 at 17:22