I have a use case to show and hide the tab under side menu based on the specific user role. For the same I have created one global role as RYH_Admin. and assign it to a user. If the user has this role then I want to show the tab else hide it.
I created one custom service as below for the same
But I stuck how to check user has that global role or not. If I log user I could see the created role under groups in references. but not able to access. If I use user.roles then I am getting only permissions as ROLE_USER_MANAGEMENT_OWN_READ and ROLE_USER_MANAGEMENT_OWN_ADMIN How can I access the Role Name RYH_Admin ?
Question related to a free trial, or to a production (customer) instance?
Checking for a global role by name is in general doable, but nothing I would recommend, as you actually want to check for a permissions and not the global role name…
In case the by default existing permissions are not sufficient, you could create new ones with microservices.
The “groups” attribute of the current user can be used to get the global roles the user is assigned to.
The @c8y/client also offers a method to check for global roles assigned to a user, but only does so by id of the global role and not by name: hasAnyGlobalRole
The reason why I am not checking the roles here is for the diff global role may have same permissions.
For example. I have created global role as RYH_Admin and given permission as ROLE_APPLICATION_MANAGEMENT_ADMIN for the same there is anther role admins for that role also will have same permission.
To avoid this your suggesting to create a custom permission through microservice ?
I am using cumulocity 1016.0.324 version. Shall I use hasAnyGlobalRole method ?
It seems the hasAnyGlobalRole method was introduced with a later version, as it is not documented for 1016: UserService | Cumulocity Web SDK
Maybe you want to include the version you are using in your initial post the next time.
you can create an application of type “MICROSERVICE” using this endpoint: Cumulocity - OpenAPI
A sample body for this request could look like this:
We tried creating the custom perms and it is working as expected. Can you please also tell us how to remove the custom permissions? We tried deleting our new microservice with these perms, The microservice was deleted but perms are still there. Please guide us.