4 Replies Latest reply on Dec 13, 2010 11:48 AM by zenig.szimmerman.sunshineradiology.com

    Permissions list for project

    zenig.szimmerman.sunshineradiology.com

      I am trying to understand Permissions and the best way to implement them.  I currently have secured my application with permissions checks via JpaPermissionStore on the view, class and method levels.  Here is a typical example of how I secure methods: @Restrict("#{s:hasPermission('userAction','createUser')}").


      I would like to create a view that displays ALL permissions for my project, allowing the end-user (administrator in this case) assign the permissions to various roles/users.  Much like jpaPermissionStore.listPermissions(UserAction.class) is for one class of the project, I want to list permissions for all objects in the project thus allowing full management of the permissions of the application.  If I can do this, then the permissions can be maintained simply from the permission checks in the code (albeit just the class and method checks).


      If this isn't recommended, then should I have a separate table (manually maintained) listing all possible permissions of the application and then add them to the jpaPermissionStore when granted?


      Ultimately I am looking for a simple way for an administrator to manage permissions for specific users/roles via views!


      Shawn