0 Replies Latest reply on Dec 28, 2008 5:01 PM by Gábor Sift

    Weird drools problem

    Gábor Sift Newbie

      security.drl contains:



      rule ModifyMyself
        no-loop
      when
        $perm: PermissionCheck(name == "userDetailHome", action == "update", granted == false)
        Principal($username: name)
      then
        $perm.grant();
      end



      UserDetailHome is the following:



      @Name("userDetailHome")
      public class UserDetailHome extends EntityHome<UserDetail>
      {
          @RequestParameter
          Long userId;
      
          @Override
          public Object getId()
          {
              if (userId == null)
              {
                  return super.getId();
              }
              else
              {
                  return userId;
              }
          }
      
          @Restrict("#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}")
          @Override
              public String update() {
                      return super.update();
              }
      
              @Override @Begin(join=true)
          public void create() {
              super.create();
          }
      
      }



      editUser.xhtml is like this:



      <h:form id="editUserForm" enctype="multipart/form-data">
      
                              <rich:panel>
                                      <f:facet name="header">Edit User</f:facet>
      
                                      <s:validateAll>
                                              <div class="dialog"><h:panelGrid columns="3"
                                                      rowClasses="prop" columnClasses="name,value,message">
                                                      <h:outputLabel for="username">Username</h:outputLabel>
                                                      <h:outputText id="username" value="#{userDet.username}"
                                                              required="true" />
                                                      <h:message for="username"/>
                                                      <h:outputLabel for="first">First Name</h:outputLabel>
                                                      <h:inputText id="first" value="#{userDet.firstName}"
                                                              required="true" />
                                                      <h:message for="first"/>
                                                      <h:outputLabel for="last">Last Name</h:outputLabel>
                                                      <h:inputText id="last" value="#{userDet.lastName}"
                                                              required="true" />
                                                      <h:message for="last"/>
                                                      <h:outputLabel for="email">Email address</h:outputLabel>
                                                      <h:inputText id="email" value="#{userDet.email}"
                                                              required="true" />
                                                      <h:message for="email"/>
                                                      <h:outputLabel for="phone">Phone Number</h:outputLabel>
                                                      <h:inputText id="phone" value="#{userDet.phone}"
                                                              required="false" />
                                                      <h:message for="phone"/>
                                                      <h:outputLabel for="image">Profile image / avatar</h:outputLabel>
                                                      <s:fileUpload id="image" accept="image/png,image/gif,image/jpeg"
                                                                      data="#{userDet.image}"
                                                                      contentType="#{userDet.imageContentType}" />
                                                      <h:message for="image"/>
                                              </h:panelGrid></div>
                                      </s:validateAll>
                                      <h:commandButton id="save" value="Save" action="#{userDetailHome.persist}"
                                              rendered="#{!userDetailHome.managed}"/>                                 
                                      <h:commandButton id="update" value="Save" action="#{userDetailHome.update}"
                                              rendered="#{userDetailHome.managed}"/>
      
                              </rich:panel>
      
                      </h:form>
      



      finally, components.xml part:



              <drools:rule-base name="securityRules">
                      <drools:rule-files>
                              <value>/security.drl</value>
                      </drools:rule-files>
              </drools:rule-base>
              <security:rule-based-permission-resolver
                      security-rules="#{securityRules}" />



      I get:


      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]



      Than the entity gets updated!?!?!?!


      And once again:



      Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]



      Could someone please shed some light on this? I'm really feeling lost, though it seems so easy to implement..