@RoleGroups is used in your Role class. It says that a Role can have other Roles.
Users can hava a role and this role can have other roles. This concept is for implicit roles.
Here an example:
If you have a Role
Developersand a subRole :
GUI-Developersyou can say all who have the
GUI-DeveloperRole automaticly have the Role
In this case you add the Role
Developersto RoleGroups of
If you grant the Role
GUI-Developersto a User, this user implicit also have the Role
With this approach you don't need to grant both Roles to the User.
This makes sens if you have a lot of cascaded Roles.
Seam automaticly resolves this RoleGroups while checking permissions.
thanks for the clear and concise explaination. /dan
I was having some trouble with the concept myself, I guess there are many different ways how this can be implemented but following worked for me.
Role Member of groups addClaim addLoan admin claimUser systemUser, addClaim loanUser systemUser, addLoan systemUser viewClaim, viewLoan user viewClaim viewLoan
And I allow user to select only roles with Groups. Based on the structure above, user ca be assigned following role(s) :systemUser, claimUser and loanUser