This content has been marked as final.
Show 1 reply
-
1. Re: Seam Security: Groups vs Roles
jsoye Jun 10, 2011 10:30 AM (in response to spitster)Hi,
I guess they are trying to be as flexible as possible. For instance, I may
want to associate a user to a 'friends' group. Or I might want to associate
users to a particular country group.@Inject IdentitySession identitySession; ... RelationshipManager relationshipManager = identitySession.getRelationshipManager(); relationshipManager.associateUser(friendsOfSeamGroup, user); relationshipManager.associateUser(canadianGroup, user);
In these cases I wouldn't care what role they have. Then I could just test if they
were in that group or not using:boolean inGroup(String name, String groupType); (where name is the name of the group) void checkGroup(String group, String groupType);
I might also be interested in finding out all the groups a person is associated
with by using:relationshipManager.findAssociatedGroups(user)
Again, I don't really care about roles.
On the other hand, the RoleManager is perfect for your more specific purposes, e.g.
(from the seam documentation) RoleManager roleManager = identitySession.getRoleManager(); RoleType manager = roleManager.createRoleType("manager"); Role r = roleManager.createRole(manager, user, headOffice); if (identity.hasRole("manager", "Head Office", "OFFICE")) { report.addManagementSummary(); }
or
public class Restrictions { public @Secures @Admin boolean isAdmin(Identity identity) { return identity.hasRole("admin", "USERS", "GROUP"); } }