0 Replies Latest reply on Dec 28, 2008 5:01 PM by wespe

    Weird drools problem

    wespe

      security.drl contains:



      rule ModifyMyself
        no-loop
      when
        $perm: PermissionCheck(name == "userDetailHome", action == "update", granted == false)
        Principal($username: name)
      then
        $perm.grant();
      end



      UserDetailHome is the following:



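      // Seam 2.x imports needed by the annotations and base class below
      import org.jboss.seam.annotations.Begin;
      import org.jboss.seam.annotations.Name;
      import org.jboss.seam.annotations.security.Restrict;
      import org.jboss.seam.annotations.web.RequestParameter;
      import org.jboss.seam.framework.EntityHome;

      @Name("userDetailHome")
      public class UserDetailHome extends EntityHome<UserDetail>
      {
          @RequestParameter
          Long userId;

          @Override
          public Object getId()
          {
              if (userId == null)
              {
                  return super.getId();
              }
              else
              {
                  return userId;
              }
          }

          @Restrict("#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}")
          @Override
          public String update() {
              return super.update();
          }

          @Override @Begin(join=true)
          public void create() {
              super.create();
          }

      }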



      editUser.xhtml is like this:



      <h:form id="editUserForm" enctype="multipart/form-data">

          <rich:panel>
              <f:facet name="header">Edit User</f:facet>

              <s:validateAll>
                  <div class="dialog"><h:panelGrid columns="3"
                      rowClasses="prop" columnClasses="name,value,message">
                      <h:outputLabel for="username">Username</h:outputLabel>
                      <h:outputText id="username" value="#{userDet.username}"
                          required="true" />
                      <h:message for="username"/>
                      <h:outputLabel for="first">First Name</h:outputLabel>
                      <h:inputText id="first" value="#{userDet.firstName}"
                          required="true" />
                      <h:message for="first"/>
                      <h:outputLabel for="last">Last Name</h:outputLabel>
                      <h:inputText id="last" value="#{userDet.lastName}"
                          required="true" />
                      <h:message for="last"/>
                      <h:outputLabel for="email">Email address</h:outputLabel>
                      <h:inputText id="email" value="#{userDet.email}"
                          required="true" />
                      <h:message for="email"/>
                      <h:outputLabel for="phone">Phone Number</h:outputLabel>
                      <h:inputText id="phone" value="#{userDet.phone}"
                          required="false" />
                      <h:message for="phone"/>
                      <h:outputLabel for="image">Profile image / avatar</h:outputLabel>
                      <s:fileUpload id="image" accept="image/png,image/gif,image/jpeg"
                          data="#{userDet.image}"
                          contentType="#{userDet.imageContentType}" />
                      <h:message for="image"/>
                  </h:panelGrid></div>
              </s:validateAll>
              <h:commandButton id="save" value="Save" action="#{userDetailHome.persist}"
                  rendered="#{!userDetailHome.managed}"/>
              <h:commandButton id="update" value="Save" action="#{userDetailHome.update}"
                  rendered="#{userDetailHome.managed}"/>

          </rich:panel>

      </h:form>
      



      finally, components.xml part:



              <drools:rule-base name="securityRules">
                      <drools:rule-files>
                              <value>/security.drl</value>
                      </drools:rule-files>
              </drools:rule-base>
              <security:rule-based-permission-resolver
                      security-rules="#{securityRules}" />



      I get:


      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]



      Then the entity gets updated!?!?!?!


      And once again:



      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]



      Could someone please shed some light on this? I'm really feeling lost, though it seems so easy to implement..