Weird drools problem
wespe Dec 28, 2008 5:01 PMsecurity.drl contains:
rule ModifyMyself no-loop when $perm: PermissionCheck(name == "userDetailHome", action == "update", granted == false) Principal($username: name) then $perm.grant(); end
UserDetailHome is the following:
@Name("userDetailHome") public class UserDetailHome extends EntityHome<UserDetail> { @RequestParameter Long userId; @Override public Object getId() { if (userId == null) { return super.getId(); } else { return userId; } } @Restrict("#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}") @Override public String update() { return super.update(); } @Override @Begin(join=true) public void create() { super.create(); } }
editUser.xhtml is like this:
<h:form id="editUserForm" enctype="multipart/form-data"> <rich:panel> <f:facet name="header">Edit User</f:facet> <s:validateAll> <div class="dialog"><h:panelGrid columns="3" rowClasses="prop" columnClasses="name,value,message"> <h:outputLabel for="username">Username</h:outputLabel> <h:outputText id="username" value="#{userDet.username}" required="true" /> <h:message for="username"/> <h:outputLabel for="first">First Name</h:outputLabel> <h:inputText id="first" value="#{userDet.firstName}" required="true" /> <h:message for="first"/> <h:outputLabel for="last">Last Name</h:outputLabel> <h:inputText id="last" value="#{userDet.lastName}" required="true" /> <h:message for="last"/> <h:outputLabel for="email">Email address</h:outputLabel> <h:inputText id="email" value="#{userDet.email}" required="true" /> <h:message for="email"/> <h:outputLabel for="phone">Phone Number</h:outputLabel> <h:inputText id="phone" value="#{userDet.phone}" required="false" /> <h:message for="phone"/> <h:outputLabel for="image">Profile image / avatar</h:outputLabel> <s:fileUpload id="image" accept="image/png,image/gif,image/jpeg" data="#{userDet.image}" contentType="#{userDet.imageContentType}" /> <h:message for="image"/> </h:panelGrid></div> </s:validateAll> <h:commandButton id="save" value="Save" action="#{userDetailHome.persist}" rendered="#{!userDetailHome.managed}"/> <h:commandButton id="update" value="Save" action="#{userDetailHome.update}" rendered="#{userDetailHome.managed}"/> </rich:panel> </h:form>
finally, components.xml part:
<drools:rule-base name="securityRules"> <drools:rule-files> <value>/security.drl</value> </drools:rule-files> </drools:rule-base> <security:rule-based-permission-resolver security-rules="#{securityRules}" />
I get:
Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]
Than the entity gets updated!?!?!?!
And once again:
Caused by: org.jboss.seam.security.AuthorizationException: Authorization check failed for expression [#{s:hasPermission('userDetailHome', 'update', userDetailHome.instance)}]
Could someone please shed some light on this? I'm really feeling lost, though it seems so easy to implement..