How to extend @Restrict expresssion?

victoriaonsnow.viktor.rees.nexgo.de Mar 18, 2008 11:28 AM

Similar to the existing Security methods Identity.hasRole() and Identity.hasPermission() I want to add a Identity.hasRight() functionality that takes database based rights for authorisation of methods and pages.

@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@Install(precedence = Install.APPLICATION)
@BypassInterceptors
@Startup
public class RightBasedIdentity extends RuleBasedIdentity 
{
  private Map<String, AuthorisationRight> authorisationRights = new HashMap<String, AuthorisationRight>();

  public boolean addRight(AuthorisationRight right)
  {
     :
  }

  public boolean hasRight(String rightName)
  {
     :
  }

This works quite well. The problem is how to extend the @Restrict annotation and user interface usage. The new security method should be used as follow, if possible:

Code:
@Restrict("#{s:hasRight('address:change')}")

User Interface:
<h:outputLink ... rendered="#{s:hasRight('address:change')}"

I found out that these security methods are defined in class SeamFunctionMapper. Is it possible to adapt this class anyhow and tell seam to to use it?

Thanks for your help.

1. Re: How to extend @Restrict expresssion?

pmuir Mar 19, 2008 12:00 PM (in response to victoriaonsnow.viktor.rees.nexgo.de)

JBSEAM-2356
Actions