2 Replies Latest reply on Jun 2, 2009 5:13 AM by yacin

seam hasPermission + drools

yacin Jun 1, 2009 2:36 AM

Hi,

I upgraded from Seam 2.0.1 to Seam 2.1.1, I extended Identity in order to use the Seam hasPermission

@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@BypassInterceptors
@Install(precedence=APPLICATION)
@AutoCreate
public class TrackableIdentity extends Identity

Once I updated to seam 2.1.1 then extending Identity was not working. I tried to use jboss rules, I did a lot of hard work to understand but I am all the time getting exception. please help is been almost a month I am struggling with this.

Here is the hasPermission section:

<ui:fragment rendered="#{s:hasPermission('MANAGE_AGENT_PROFILE', 'W') || s:hasPermission('MANAGE_AGENT_PROFILE', 'R')}">

For every user's login this is how I am creating the drools facts that will contain the Permission Objects I loaded from Database.

 List<Permission> permissions = new ArrayList<Permission>();
         List<RolePermission> rolePermissions = currPerson.getAppuser().getRole().getRolepermissions();
          if (rolePermissions != null && rolePermissions.size() > 0) {
               log.debug("####role permissions "+rolePermissions.size());
               System.out.println(">>test1");
               for (int j=0; j<rolePermissions.size(); j++) {
                    RolePermission rolePermission = rolePermissions.get(j);
                    policyPricingWorkingMemory.insert(rolePermission);
                    policyPricingWorkingMemory.fireAllRules();
                     

                    //Principal r = new Role(currPerson.getAppuser().getRole().getRole());
                    
                    //permissions.add(new Permission(rolePermission.getBusinessFunction().getFunctionName(), rolePermission.getAccessRight(), r));
               }
          }
         result = true;
     }

Each User has one Role and each Role has a List of Permissions and each Permission has one Function, which is the function that the current user has either Read or Write access to it.

The following is my Jboss rules:

rule checkWritePermission
 no-loop
     when
     //$rolePermission:RolePermission(businessFunction:businessFunction)
     rolePermission:RolePermission()
     fuct: rolePermission.businessFunction.functionName     
     check: PermissionCheck(name == fuct, action == "W")     
     then
          check.grant();
          System.out.println("Passed:  checkWritePermission");
end

I am using Jboss5, and Seam 2.1.1, so here is the error I am getting, please help.


20:27:22,396 ERROR [RuleBase] errors parsing rules in: /security.drl
20:27:22,398 ERROR [RuleBase] unknown:17:1 mismatched token: [@87,354:358='check',<7>,17:1]; expecting type LEFT_PAREN (/security.drl)
20:27:22,398 ERROR [RuleBase] unknown:17:24 Unexpected token 'target' (/security.drl)

Thank-you.

1. Re: seam hasPermission + drools

niox.nikospara.yahoo.com Jun 1, 2009 9:22 AM (in response to yacin)

Hello,

A JBoss rules syntax error I believe. Although I am no expert, please try something like:

rule checkWritePermission
 no-loop
     when
          rolePermission:RolePermission(fuct: businessFunction.functionName)
          check: PermissionCheck(name == fuct, action == "W")     
     then
          check.grant();
          System.out.println("Passed:  checkWritePermission");
end

I am not sure if businessFunction.functionName will work, but

          fuct: rolePermission.businessFunction.functionName

seems definitely wrong.

2. Re: seam hasPermission + drools

yacin Jun 2, 2009 5:13 AM (in response to yacin)

Thank-you very much, it did fixed the drools issue, but now I have another issue, but first I will try to fix it.
Actions

Go to original post