This content has been marked as final.
Show 3 replies
-
1. Re: Does Seam Permissioning allow hierarchy of targets?
shane.bryzak Nov 4, 2008 4:15 AM (in response to nbhatia.bhatian.comcast.net)You would need to implement something like this yourself. Since the scope of what type of objects permissions can be defined for is pretty much infinite, there's not really a generic solution that we can apply to a problem like this.
-
2. Re: Does Seam Permissioning allow hierarchy of targets?
nbhatia.bhatian.comcast.net Nov 4, 2008 1:24 PM (in response to nbhatia.bhatian.comcast.net)Fair enough. Thanks for your quick response Shane.
-
3. Re: Does Seam Permissioning allow hierarchy of targets?
alejo.net Nov 4, 2008 10:09 PM (in response to nbhatia.bhatian.comcast.net)Hi Naresh
This is how I solved it:
First I put this entry in my pages.xml
<page view-id="/*" login-required="true" action="#{permissionResolver.checkCurrentUserRights()}" >
<navigation>
<rule if-outcome="not-authorized">
<redirect view-id="/error.xhtml" >
<message>you don´t have permissions to view this</message>
</redirect>
</rule>
</navigation>
</page>
And the implementation of checkCurrentUserRights():
public String checkCurrentUserRights() {
String viewId = facesContext.getCurrentInstance().getViewRoot().getViewId();
do{
if (dataLoader.getPermissionsTable().containsKey(viewId))
{
Permission temp = dataLoader.getPermissionsTable().get(viewId);
if (temp.getUserPermissions().containsKey(this.user.getUsername())){
if (temp.getUserPermissions().get(this.user.getUsername()) == true)
return this.OK;
else return this.NO_ACCESS;
}
ConcurrentHashMap<String, Boolean> intersection = new ConcurrentHashMap<String, Boolean>(temp.getRolesDeniedPermissions());
if(intersection.keySet().retainAll(userTools.getRolesStrings()))
return this.NO_ACCESS;
ConcurrentHashMap<String, Boolean> intersection2 = new ConcurrentHashMap<String, Boolean>(temp.getRolesAllowedPermissions());
if(intersection2.keySet().retainAll(userTools.getRolesStrings()))
return this.OK;
}
viewId = viewId.substring(0, viewId.lastIndexOf("/"));
} while (viewId.length() > 1);
return this.NO_ACCESS;
}
}
where dataLoader has a concurrentHashMap containing entries of Permissions, which in turn has 3 concurrentHashMap, one for the permissions defined por especific users, and the others two for de roles that I want to denied or to permit, if there is no entry defined por this especific file I check for entrys for the directories where this file is located. I load the data to fill this tables from 3 tables in my database, resources, users, roles and their relations.
I hope this helps you.