Query users’ permissions

This tutorial explains how you can use the Permissioning API to find out from the server, all the current permissions applied to the logged-in user.

When a user logs into the FXTrader application, it automatically subscribes to the permissioning data that Liberator holds for that user. When the subscription begins, Liberator sends back all the permissioning data for that user, followed by subscription updates whenever a product permission changes.

The Permissioning API provides an interface through which you can access this data, allowing you to tailor your application to match the permissions of each user that is currently logged in. As the application automatically subscribes to permissioning data, the latency of each permissioning query is reduced. This is because it holds a local copy of the latest known permissions, and doesn’t need to contact Liberator every time your code initiates a query.

Once you’ve loaded the FxTrader application, you can obtain a reference to the PermissionService, enabling you to query the user’s permissions:

var permissionService = caplin.core.ServiceRegistry.getService("caplin.permission-service");

Executing the following line will return an array containing all the permissions that are defined for actions on the /FX/GPBPUSD product, under the default (“null”) namespace:

permissionService.getAllPermissions("/FX/GBPUSD",null);

If we wanted to find out about permitted actions in specific namespaces, we could do so by querying each in turn, as the following code does for actions under the TradeProtocol, TradeType and FwdTenor namespaces:

permissionService.getAllowPermissions("/FX/*","TradeProtocol");
permissionService.getAllowPermissions("/FX/*","TradeType");
permissionService.getAllowPermissions("/FX/*","FwdTenor");

The examples above will probably return something along the lines of:

["ESP"]
["SPOT", "FWD", "SWAP"]
["1D", "2D", "5D", "1W", "2W", "1M", "1Y", "2Y"]

From this, we can deduce that the current user is allowed to execute trades on Executable Streaming Prices with the ESP trade protocol, and can perform Spot, Forward and Swap trade types. Also, for forward trades, the user can select any settlement date from the last list of tenors (Eight options from 1 day to 2 years).

You’ll probably want your client application to be informed when one of these permissions changes. Say – for example – that your application contains a trade tile, which allows Spot and Forward trades to be executed.  If the permissions of the logged-in user change, so that Forward trades are no longer allowed, you’ll want the forward trade buttons on your tile to be disabled. For this purpose, you can set a listener on the PermissionService, which will be notified if this change occurs and immediately allows the GUI to adapt accordingly.

var permissionService = caplin.core.ServiceRegistry.getService("service_caplin.permission");

var sProduct = "/FX/GBPUSD";
var sNamespace = "TradeType";
var sAction = "FWD";
var oListener = {
   onSinglePermissionChanged : function(bAuthorised, sProduct, sNamespace, sAction) {
   console.log("Permission change - Product:"+sProduct+" Namespace: "+sNamespace+" Action:"+sAction+" Allowed:"+bAuthorised);
   //code to adjust tile here…
   }
};

permissionService.addPermissionListener(sProduct, sNamespace, sAction, oListener);

Having set up this listener, the onSinglePermissionChanged method will be called, whenever the user’s permission for Forward trade types changes on the server.