It's been faster to integrate that what I thought at beginning. Ok I must admit rules are hardcoded
so far.
I don't know where to put them ? as configuration with an mbean ? or in EJB layer. Because rules are not very numerous. Maybe under 15 rules for a PN site running.
mbean advantage : site can work without Core module
and permisssions are still working. Rules are part
of configuration. They are fast to retrieve, etc...
EJB ? except the statement user.getRules() and
group.getRules() I dont't see them. More over
these rules must be all the times converted
back to a usable object. And you can add
also EJB locking...
So help me to decide :-) but I think my choice
is done.
Anyway, it's pretty easy to use them
in a module/block :
API.secAuthAction("Menublock::", "Administration::", Constants.SEC_ACCESS_READ)
will check if current user can see the link
adminstration in the menu block.
it works well and I am pretty proud of it !
In a general fashion, API functions are used
this way with a static call. That sticks to
PostNuke spirit.
julien