1 2 Previous Next 22 Replies Latest reply on Apr 22, 2007 10:41 PM by Christian Bauer Go to original post
      • 15. Re: HowTo: When going to a page to enter data, pull from db
        Pete Muir Master

        Well, something is a Seam component when it's got @Name on it, or is configured through components.xml. Everything else isn't. You can see all the components in your project by going to the debug page, looking at the application scope - every component (whatever it's scope) has a componentName.component entry here.

        • 16. Re: HowTo: When going to a page to enter data, pull from db
          Expert

          Borrow whatever you like Pete. Anything for the cause.

          • 17. Re: HowTo: When going to a page to enter data, pull from db
            Expert

            One down side to using EntityHome for generic crud is lack of built in security. One needs to be careful when using Homes for crud operations that allow or require RequestParameters. You need to ensure the operation on this ID is valid. You don't want to expose information you shouldn't and you definitely don't want to modify or destroy information you shouldn't.

            For example, you don't want a user to update or delete another user's entity just by changing an ID in the URL and hitting return. Seam supports entity level security and you can probably extend a Home to double check access restrictions prior to operations. Likewise, you don't want private information available on lets say a user profile screen, to be available to anyone able to modify a URL.

            My concern is that new Seam users may over use this feature and run into these problems down the road. Or that they won't bother to learn how entity level security works or how to configure it.

            • 18. Re: HowTo: When going to a page to enter data, pull from db
              Saeed Iqbal Novice

              I see what you are saying Captain and very well said, for this sort of information we need to have new books coming out :) !

              Anyway thanks Cptn and Peter for your valuable help. Cptn how is your weekend so far? what are you doing next weekend maybe we could meet at coffee.

              • 19. Re: HowTo: When going to a page to enter data, pull from db
                Christian Bauer Master

                 

                "CptnKirk" wrote:

                For example I don't think I'd recommend using a Home to populate a search prototype. For search pages, an entity with an event scoped role combined with Hibernate's Criteria API + Example criterion is great.


                I prefer exactly the opposite, with a Search conversation scoped component that holds my prototype entity during the search conversation. Gives me a lot of control over what the user can select on the search screen and how I handle this in the backend:

                @Name("userSearch")
                @Scope(ScopeType.CONVERSATION)
                public class UserSearch implements Serializable {
                
                 @In
                 private UserDAO userDAO;
                
                 @In
                 private FacesMessages facesMessages;
                
                 private User exampleUser;
                 private String orderByProperty;
                 private boolean orderDescending;
                 private String[] ignoreProperties;
                 private int rowCount;
                 private int maxPageSize;
                 private int pageSize;
                 private int page;
                
                 @DataModel
                 private List<User> usersList;
                
                 @Create
                 public void initialize() {
                 pageSize = 15;
                 maxPageSize = 1000;
                 exampleUser = new User();
                 orderByProperty = "username";
                 orderDescending = false;
                 ignoreProperties = new String[]{"passwordHash", "activated", "createdOn"};
                 }
                
                 public void find() {
                 page = 0;
                 queryRowCount();
                 if (rowCount != 0) queryUsers();
                 }
                
                 public void nextPage() {
                 page++;
                 queryUsers();
                 }
                
                 public void previousPage() {
                 page--;
                 queryUsers();
                 }
                
                 public void firstPage() {
                 page = 0;
                 queryUsers();
                 }
                
                 public void lastPage() {
                 page = (rowCount / pageSize);
                 if (rowCount % pageSize == 0) page--;
                 queryUsers();
                 }
                
                 private void queryRowCount() {
                 rowCount = userDAO.getRowCountByExample(exampleUser, ignoreProperties);
                 if (rowCount == 0) {
                 facesMessages.addFromResourceBundleOrDefault(
                 FacesMessage.SEVERITY_INFO,
                 "noUserFound",
                 "No user with given attributes was found, please try again."
                 );
                 }
                 }
                
                 private void queryUsers() {
                 usersList = userDAO.findByExample(exampleUser, orderByProperty, orderDescending, page * pageSize, pageSize, ignoreProperties);
                 }
                
                 public boolean isNextPageAvailable() {
                 return usersList != null && rowCount > ((page * pageSize) + pageSize);
                 }
                
                 public boolean isPreviousPageAvailable() {
                 return usersList != null && page > 0;
                 }
                 public int getPageSize() {
                 return pageSize;
                 }
                
                 public void setPageSize(int pageSize) {
                 this.pageSize = pageSize > maxPageSize ? maxPageSize : pageSize; // Prevent tampering
                 }
                
                 public int getRowCount() {
                 return rowCount;
                 }
                
                 public User getExampleUser() {
                 return exampleUser;
                 }
                
                 public void setExampleUser(User exampleUser) {
                 this.exampleUser = exampleUser;
                 }
                
                 public String getOrderByProperty() {
                 return orderByProperty;
                 }
                
                 public boolean isOrderDescending() {
                 return orderDescending;
                 }
                
                 public void sortBy(String propertyName) {
                 orderByProperty = propertyName;
                 orderDescending = !isOrderDescending(); // Switch between ASC and DESC
                 page = 0; // Reset to first page
                 queryUsers();
                 }
                
                }
                


                And the UI is bound to userSearch.exampleUser and the various other properties and methods for pagination etc.


                • 20. Re: HowTo: When going to a page to enter data, pull from db
                  Pete Muir Master

                   

                  "CptnKirk" wrote:
                  One down side to using EntityHome for generic crud is lack of built in security.


                  http://jira.jboss.com/jira/browse/JBSEAM-1224

                  • 21. Re: HowTo: When going to a page to enter data, pull from db
                    Expert

                     

                    christian.bauer@jboss.com wrote:
                    I prefer exactly the opposite, with a Search conversation scoped component that holds my prototype entity during the search conversation. Gives me a lot of control over what the user can select on the search screen and how I handle this in the backend:


                    I really like your search controller. I especially wish Seam's generic DAO (or maybe Query) construct came with *ByExample() methods.

                    The problem I usually face, and maybe search is a bad example, is the necessary reuse of the entities in other controllers. Lets take profile or preferences. Maybe our users are able to set the default number of entries per page in some profile entity. We could have a ProfileController.profileEntity type system (ok, an EntityHome would probably work well here, whatever just an example). But then what if you want to access some profileEntity properties in your UserSearchController. In the past there was value binding expression ugliness and you had to couple your ProfileController to your UserSearchController because it was the accessor. Seam allows me to avoid all of that baggage.

                    Unfortunately, I seem to get bitten by this regularly. It seems like no sooner do I define a UserSearch like yours, than a PM wants to reuse the entity used in this search in some other area of the application (without re-entering the data of course). This is why I generally prefer to separate my entity creation logic from my entity manipulation and business logic. I still love the UserSearch example, I'd just pass in the exampleUser along with the other values.

                    On the flip side, I'd love to learn something new. If I could be achieving my goals in a better way, please set me straight.

                    What my original post was trying to get at was that regardless of whether exampleUser is passed in or is part of the UserSearch component, the exampleUser is not retrieved via a call to UserHome.instance. Where UserHome is created for the sole purpose of providing the exampleUser. This is what I think the original thread creator was doing, and I think we can both advise against using EntityHome in such a way.


                    • 22. Re: HowTo: When going to a page to enter data, pull from db
                      Christian Bauer Master

                      The code I've posted can be found in Seam CVS, examples/wiki/. It's not trivial to set up (readme.txt) but it's almost alpha stage now :)

                      1 2 Previous Next