I've got the seam rules engine installed and am trying to write a drl file to grant access to my entities. I have a class that is restricted. Relevant beans:
@Name("calendar")
CustomerCalendar {
members : List
}
CalendarMember {
user : User
}
User {
username : String
}
The "CustomerCalendar" entity bean is restricted. I want it to be accessed only by users that are logged in and that are members of the calendar.
So my rules text must be something like:
if (check is read calendar)
and the calendar has a member with the user that is the current logged in user.
My login code has asserted the User object into the security context.
What I've got so far (that is not valid):
rule "Read calendar" no-loop activation-group "permissions" when check: PermissionCheck(name == "calendar", action == "read", granted == false) user: User() CustomerCalendar(members : members contains CalendarMember(user == user)) then check.grant(); end;