@Restrict referencing objects in Seam context

mtpettyp Jul 11, 2007 10:10 AM

Looking at the @Restrict annotation I see that any objects in the Seam Context can be referenced (such as 'selectedAccount' below):

@Name("account")
public class AccountAction {
 @In Account selectedAccount;
 @Restrict("#{s:hasPermission('account','modify',selectedAccount)}")
 public void modify() {
 selectedAccount.modify();
 }
}

However, I can't see a way to pass in an arbitrary number of Seam Context objects without explicity specifying the componentName and methodName as part of a "s:hasPermission" in the @Restrict value.

This is a bit of a limitation when trying to secure components on a derived EntityHome class. I've specified a number of instances in components.xml which use my derived EntityHome, but their name is not available to pass to the annotation.

I'd rather not have to write a separate derived EntityHome class with @Name annotation specified to get around this limitation for each EJB entity I'm dealing with.

Am I missing something simple here? Or should I log this as a feature request?

1. Re: @Restrict referencing objects in Seam context

shane.bryzak Jul 11, 2007 6:46 PM (in response to mtpettyp)

You can assert objects directly into the security context with RuleBasedIdentity.getSecurityContext().assertObject(), without having to place them into a Seam context first.
Actions