Session
Session objects are returned by the Session command. These objects provide the developer with an interface allowing to manage the current user session and execute actions such as store contextual data, share information between session processes, launch session-related preemptive processes, or (web only) manage privileges.
Session types
Three types of sessions are supported by this class:
- Web user sessions: Web user sessions are available when scalable sessions are enabled in your project. They are used for Web and REST connections, and can be assigned privileges.
- Remote client user sessions: In client/server applications, remote users have their own sessions managed on the server.
- Stored procedures session: All stored procedures executed on the server share the same virtual user session.
The availability of properties and functions in the Session object depends on the session type.
Summary
| .clearPrivileges() : Boolean removes all the privileges associated to the session and returns True if the execution was successful |
| .expirationDate : Text the expiration date and time of the session cookie |
| .getPrivileges() : Collection returns a collection of all the privilege names associated to the session |
| .hasPrivilege( privilege : Text ) : Boolean returns True if the privilege is associated to the session, and False otherwise |
| .id : Text the unique identifier (UUID) of the session on the server |
| .idleTimeout : Integer the inactivity session timeout (in minutes), after which the session is automatically closed by 4D |
| .info : Object describes the remote client or stored procedure session on the server |
| .isGuest() : Boolean returns True if the session is a Guest session (i.e. it has no privileges) |
| .setPrivileges( privilege : Text ) : Boolean .setPrivileges( privileges : Collection ) .setPrivileges( settings : Object ) : Boolean associates the privilege(s) and/or role(s) defined in the parameter to the session and returns True if the execution was successful |
| .storage : Object a shared object that can be used to store information available to all processes of the session |
| .userName : Text the user name associated to the session |
.clearPrivileges()
History
| Release | Changes |
|---|---|
| 18 R6 | Added |
.clearPrivileges() : Boolean
| Parameter | Type | Description | |
|---|---|---|---|
| Result | Boolean | <- | True if the execution is successful |
Description
This function does nothing and always returns True with remote client and stored procedure sessions.
The .clearPrivileges() function removes all the privileges associated to the session and returns True if the execution was successful. As a result, the session automatically becomes a Guest session.
Example
//Invalidate a web user session
var $isGuest : Boolean
var $isOK : Boolean
$isOK:=Session.clearPrivileges()
$isGuest:=Session.isGuest() //$isGuest is True
.expirationDate
History
| Release | Changes |
|---|---|
| 18 R6 | Added |
.expirationDate : Text
Description
This property is only available with web user sessions.
The .expirationDate property contains the expiration date and time of the session cookie. The value is expressed as text in the ISO 8601 format: YYYY-MM-DDTHH:MM:SS.mmmZ.
This property is read-only. It is automatically recomputed if the .idleTimeout property value is modified.
Example
var $expiration : Text
$expiration:=Session.expirationDate //eg "2021-11-05T17:10:42Z"
.getPrivileges()
History
| Release | Changes |
|---|---|
| 20 R6 | Added |
.getPrivileges() : Collection
| Parameter | Type | Description | |
|---|---|---|---|
| Result | Collection | <- | Collection of privilege names (strings) |
Description
The .getPrivileges() function returns a collection of all the privilege names associated to the session.
With remote client and stored procedure sessions, this function returns a collection only containing "WebAdmin".
Privileges are assigned to a Session using the setPrivileges() function.
Example
The following roles.json has been defined:
{
"privileges":[
{
"privilege":"simple",
"includes":[
]
},
{
"privilege":"medium",
"includes":[
"simple"
]
}
],
"roles":[
{
"role":"Medium",
"privileges":[
"medium"
]
}
],
"permissions":{
"allowed":[
]
}
}
The session role is assigned in an authentify() datastore function:
//Datastore Class
exposed Function authentify($role : Text) : Text
Session.clearPrivileges()
Session.setPrivileges({roles: $role})
Assuming the authentify() function is called with the "Medium" role:
var $privileges : Collection
$privileges := Session.getPrivileges()
//$privileges: ["simple","medium"]
See also
.setPrivileges()
Permissions – Inspect the privileges in the session for an easy debugging (blog post)
.hasPrivilege()
History
| Release | Changes |
|---|---|
| 18 R6 | Added |
.hasPrivilege( privilege : Text ) : Boolean
| Parameter | Type | Description | |
|---|---|---|---|
| privilege | Text | -> | Name of the privilege to verify |
| Result | Boolean | <- | True if session has privilege, False otherwise |
Description
The .hasPrivilege() function returns True if the privilege is associated to the session, and False otherwise.
With remote client and stored procedure sessions, this function always returns True, whatever the privilege.
Example
You want to check if the "WebAdmin" privilege is associated to the web user session:
If (Session.hasPrivilege("WebAdmin"))
//Access is granted, do nothing
Else
//Display an authentication page
End if
.id
History
| Release | Changes |
|---|---|
| 20 R5 | Added |
.id : Text
Description
The .id property contains the unique identifier (UUID) of the session on the server. This unique string is automatically assigned by the server for each session and allows you to identify its processes.
You can use this property to get the .storage object of a session thanks to the Session storage command.
.idleTimeout
History
| Release | Changes |
|---|
|18 R6|Added|
.idleTimeout : Integer
Description
This property is only available with web user sessions.
The .idleTimeout property contains the inactivity session timeout (in minutes), after which the session is automatically closed by 4D.
If this property is not set, the default value is 60 (1h).
When this property is set, the .expirationDate property is updated accordingly.
The value cannot be less than 60: if a lower value is set, the timeout is raised up to 60.
This property is read write.
Example
If (Session.isGuest())
// A Guest session will close after 60 minutes of inactivity
Session.idleTimeout:=60
Else
// Other sessions will close after 120 minutes of inactivity
Session.idleTimeout:=120
End if
.info
History
| Release | Changes |
|---|---|
| 20 R5 | Added |
.info : Object
Description
This property is only available with remote client and stored procedure sessions.
The .info property describes the remote client or stored procedure session on the server.
The .info object is the same object as the one returned by the Get process activity command for remote client and stored procedure sessions.
The .info object contains the following properties:
| Property | Type | Description |
|---|---|---|
| type | Text | Session type: "remote" or "storedProcedure" |
| userName | Text | 4D user name (same value as .userName) |
| machineName | Text | Remote sessions: name of the remote machine. Stored procedures session: name of the server machine |
| systemUserName | Text | Remote sessions: name of the system session opened on the remote machine. |
| IPAddress | Text | IP address of the remote machine |
| hostType | Text | Host type: "windows" or "mac" |
| creationDateTime | Date ISO 8601 | Date and time of session creation |
| state | Text | Session state: "active", "postponed", "sleeping" |
| ID | Text | Session UUID (same value as .id) |
| persistentID | Text | Session's persistent ID |
Since .info is a computed property, it is recommended to call it once and then to store it in a local variable if you want to do some processing on its properties.
.isGuest()
History
| Release | Changes |
|---|---|
| 18 R6 | Added |
.isGuest() : Boolean
| Parameter | Type | Description | |
|---|---|---|---|
| Result | Boolean | <- | True if session is a Guest one, False otherwise |
Description
This function always returns False with remote client and stored procedure sessions.
The .isGuest() function returns True if the session is a Guest session (i.e. it has no privileges).
Example
In the On Web Connection database method:
If (Session.isGuest())
//Do something for Guest user
End if
.setPrivileges()
History
| Release | Changes |
|---|---|
| 19 R8 | Support of "roles" Settings property |
| 18 R6 | Added |
.setPrivileges( privilege : Text ) : Boolean
.setPrivileges( privileges : Collection )
.setPrivileges( settings : Object ) : Boolean
| Parameter | Type | Description | |
|---|---|---|---|
| privilege | Text | -> | Privilege name |
| privileges | Collection | -> | Collection of privilege names |
| settings | Object | -> | Object with a "privileges" property (string or collection) |
| Result | Boolean | <- | True if the execution is successful |
Description
This function does nothing and always returns False with remote client and stored procedure sessions.
The .setPrivileges() function associates the privilege(s) and/or role(s) defined in the parameter to the session and returns True if the execution was successful.
-
In the privilege parameter, pass a string containing a privilege name (or several comma-separated privilege names).
-
In the privileges parameter, pass a collection of strings containing privilege names.
-
In the settings parameter, pass an object containing the following properties:
| Property | Type | Description |
|---|---|---|
| privileges | Text or Collection | |
| roles | Text or Collection | |
| userName | Text | User name to associate to the session (optional) |
Privileges and roles are defined in roles.json file of the project. For more information, please refer to the Privileges section.
If the privileges or roles property contains a name that is not declared in the roles.json file, it is ignored.
By default when no privilege or role is associated to the session, the session is a Guest session.
The userName property is available at session object level (read-only).
Example
In a custom authentication method, you set the "WebAdmin" privilege to the user:
var $userOK : Boolean
... //Authenticate the user
If ($userOK) //The user has been approved
var $info : Object
$info:=New object()
$info.privileges:=New collection("WebAdmin")
Session.setPrivileges($info)
End if
See also
.storage
History
| Release | Changes |
|---|---|
| 20 R5 | Support of remote client and stored procedure sessions |
| 18 R6 | Added |
.storage : Object
Description
The .storage property contains a shared object that can be used to store information available to all processes of the session.
When a Session object is created, the .storage property is empty. Since it is a shared object, this property will be available in the Storage object of the server.
Like the
Storageobject of the server, the.storageproperty is always "single": adding a shared object or a shared collection to.storagedoes not create a shared group.
This property is read only itself but it returns a read-write object.
You can get the .storage property of a session using the Session storage command.
Web session example
You want to store the client IP in the .storage property. You can write in the On Web Authentication database method:
If (Session.storage.clientIP=Null) //first access
Use (Session.storage)
Session.storage.clientIP:=New shared object("value"; $clientIP)
End use
End if
Remote session example
You want to share data between processes in the same session:
Use (Session.storage)
Session.storage.settings:=New shared object("property"; $value; "property2"; $value2)
End use
.userName
History
| Release | Changes |
|---|---|
| 20 R5 | Support of remote client and stored procedure sessions |
| 18 R6 | Added |
.userName : Text
Description
The .userName property contains the user name associated to the session. You can use it to identify the user within your code.
- With web sessions, this property is an empty string by default. It can be set using the
privilegesproperty of thesetPrivileges()function. - With remote and stored procedure sessions, this property returns the same user name as the
Current usercommand.
This property is read only.