Options
All
  • Public
  • Public/Protected
  • All
Menu

UserService provides custom callback to perform user authentication and authorization. When creating a WebCollabServer, you should provide an implementation of the UserService to customize the user authentication and authorization.

Tha authentication can be customized by implementing the getUserByToken method. For example, if you're using a token-based SSO for authentication, your UserService might look like:

const userService: UserService = {
async getUserByToken(token) {
return await validationTokenAndGetUserInfoFromSSO(token)
}
}

The authorization can be customized by implementing the checkUserPermission method. For example, if you want to check if a user has permission to join a collaboration, your UserService might look like:

const userService: UserService = {
async checkUserPermission(userId, resourceType, operation, resourceId) {
if(resourceType === 'collaboration' && operation === 'join') {
return await checkIfUserHasPermissionToJoinCollaboration(userId, resourceId);
}

// returning null will use the default permission check
// for not implemented resourceType and operation
return null;
}
}

Hierarchy

  • UserService

Index

Methods

  • checkUserPermission(userId: string, resourceType: string, operation: string, resourceId?: string): Promise<boolean>
  • An optional callback to check if the user has permission to perform the specified operation on the specified resource.

    If the return value is null, the default permission check will be used.

    For example: if a user is trying to join a collaboration, this callback will be called with the following params to check if the user has permission to join. checkUserPermission(user, 'collaboration', 'join', collaborationId)

    The currently supported resourceType and operation are: (denoted as resourceType/operation)

    • collaboration/join: Check if the user has permission to join a collaboration. Triggered when a user is trying to join a collaboration.
    • collaboration/comment: Check if the user has permission to comment on PDF. Triggered when a user is joining a collaboration, to check if the user is allowed to comment on PDF in the collaboration.
    • collaboration/create: Check if the user has permission to create a collaboration. Triggered when a user is trying to create a collaboration.
    • collaboration/delete: Check if the user has permission to delete a collaboration. Triggered when a user is trying to delete a collaboration.
    • collaboration/update: Check if the user has permission to update a collaboration. Triggered when a user is trying to update a collaboration, like changing the default permission of the collaboration.

    Parameters

    • userId: string

      the id of the user

    • resourceType: string

      the type of resource, e.g. 'collaboration'

    • operation: string

      the operation on the resource, e.g. 'join'

    • Optional resourceId: string

      the id of the resource, e.g. the id of the collaboration

    Returns Promise<boolean>

  • getUserByToken(token: string): Promise<UserInfo>
  • Get user information by the specified token.

    Parameters

    • token: string

      The token used to authenticate a user, e.g. a JWT token.

    Returns Promise<UserInfo>

    • If the token is valid, the user information will be returned. Otherwise, an exception will be thrown.

Generated using TypeDoc