You should read the reference guide on Domain Object Security: http://www.acegisecurity.org/docbook/acegi.html#domain-acls
A great tutorial for you would be the contacts sample. We have a new tutorial application as well, but I'm not familiar with it. On 6/15/06, Darrell Esau <[EMAIL PROTECTED]> wrote: > Hello all, > > I'm investigating Acegi for my authe/o needs in my current Spring/Hibernate > application. > > >From reading the document so far, I'm unsure if Acegi can do what I need (in > totality), but it appears it can help with the basic framework. > > In a nutshell, I'm looking for data-level authorization. > > I'll try to provide a simple use case to describe what I need: > > In a bookstore application, we have Book objects. I'd like to be able to give > an "ownership" (or ownerships) to each Book which tells who can view and who > can edit the Book properties. > > >From the tutorials that I've seen so far, I believe I know how to setup Acegi > up to tell me whether or not a user has access to "view books" (in general), > or "edit books" (in general) -- but I haven't found a way to have Acegi > decide whether or not "Joe" can edit "Of Mice and Men". > > Is this possible? If so, any suggestions on what methods/classes I would use > for this? Are there any data-level auth/o tutorials out there? > > Thanks for any advice you can lend, > -Darrell > > > > > > _______________________________________________ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
