-
1. Re: Using grantPermissions of PermissionManager
khosro_question Apr 17, 2010 8:49 PM (in response to nifs)I have the same problem,look at here http://www.seamframework.org/Community/UsingPermissionManagerToGrant.
Khosro.
-
2. Re: Using grantPermissions of PermissionManager
nifs Apr 20, 2010 12:35 AM (in response to nifs)Finally i solved the problem; first we create the rule, in security.drl:
rule GiveFullPermissions no-loop when perm: PermissionCheck(target == "PermissionsClass", action == "seam.grant-permission", granted == false); Role(name == "root"); then perm.grant(); end
PermissionsClass indicates the seam component where the grantPermissions method is used(This is very important).
So, we add a row in our permission table like the following:
TABLE: OUR_PERMISSION_TABLE target action recipient descriminator PermissionsClass seam.grant-permission root user
The seam reference says:
Invoking the methods of PermissionManager requires that the currently authenticated user has the appropriate authorization to perform that management operation
So in the table showed in the reference, we see that the permission action for grantPermissions() is seam.grant-permission, so that's why we need to insert it before to the database with target equals to PermissionsClass.
My problem was located in the target passed to:
new Permission(Object target, String action, Principal recipient)
As I saw, the target must be exactly PermissionsClass, and now it works!!!
Thanks Khosro, your post was useful