0 Replies Latest reply on Mar 18, 2009 3:01 PM by ebaxt

    Granting permissions

    ebaxt
    ebaxt Mar 18, 2009 3:01 PM

      I'm developing a simple CMS. One of the features is that an uploader is able to set permissions on the file he/she just uploaded. I'm using PersistentPermissions to do this.


      What I would like to do is to grant @Read,@Update and @Delete on an entity based on the @Permissions from PersistentPermissions. That is, I would like to have a Rule like this (it doesn't work, but shows my intentions)



      rule EditFileForOwner
  no-loop
  activation-group "permissions"
when
  acct: UserAccount()
  file: BasicContent(usr : uploader -> (usr.getUserId().equals(acct.getUser().getUserId())))
  check: PermissionCheck(target == file, action == "update_file", granted == false)
then
  check.grant();
end

//pseudocode - sort of :)

check2: PermissionCheck(name == "basicContent", action in ("update", "delete"), granted == false)

if(EditFileForOwner) 

then 
check2.grant();




      The entity BasicContent:



      @Permissions( { @Permission(action = "view_file"), @Permission(action = "remove_file"),
          @Permission(action = "update_file")})
@Entity
public abstract class BasicContent {

...

@PreUpdate @PreRemove
@Restrict
public void restrict() {}



      So I guess it boils down to this. How do I check if a user has a given PersistentPermission in a Drools rule?


      Thanks, Erik.