Using the SecurityService

This explains basic usage of the Sakai SecurityService. This service is used to register new Authz (permission) groups.

Using Spring to get the service for your class (e.g. YourAppClass) (recommended)
1. Add the SecurityService bean to the bean for YourAppClass
  <bean id="org.sakaiproject.yourapp.logic.YourAppClass" class="org.sakaiproject.yourapp.logic.impl.YourAppClassImpl"> <property name="securityService" ref="org.sakaiproject.authz.api.SecurityService" /> </bean>
2. Add a variable and setter to YourAppClass to use the service in like so:
  private SecurityService securityService; public void setSecurityService(SecurityService securityService) { this.securityService = securityService; }
Using the Component Manager to get the service
- Note: This is not the recommended method, you should be using Spring to inject the service
1. Use the CM cover to get the service
  import org.sakaiproject.component.cover.ComponentManager; import org.sakaiproject.authz.api.SecurityService; ... private SecurityService securityService; ... securityService = (SecurityService) ComponentManager.get(SecurityService.class);

Use the SiteService to get a site reference
Use the SecurityService to check the permission (unlock) for the userId and reference
String siteRef = siteService.siteReference(siteId); // (1) if (securityService.unlock(userId, "tool.permission", siteRef)) { // (2) // do something since this user has permission }
- Note: If you are using less than Sakai 2.2.x/2.3 then you have to get a User object with the UserDirectoryService instead of using a userId string

Use the SecurityService to check if the user is a super admin
if (securityService.isSuperUser(userId)) { // do something since this user has super admin permission }
- Note: There is also a method that checks for the current User but this method calls the UserDirectoryService so it is slower