OK, let me put it another way.
Acegi cannot do what you say in #3. But if you really want to fulfill this
function, try to build a database table of all the assets manually, then u
can list them, and use Acegi to protect your domain object of this table for
every single user, not limited to a specific user role.
On 9/7/07, tedzo <[EMAIL PROTECTED]> wrote:
>
> Shi,
> Thank you for your response. I have been reading the reference manual now.
> About your response #3 below, I am not sure I understand what you mean. I
> am trying to list out all the assets that a user has access to and I am not
> certain how protecting a method or object might help. I guess I am trying to
> find out if it is possible with acegi to do a kind of dry run for a given
> user in order to find out which assets are accessible by a user without
> actually accessing it (and getting hit by a accessDenied exceptions). Does
> what I am trying to convey make sense?
>
> Thanks,
>
> An
>
>
> ----- Original Message ----
> From: Shi Lei <[EMAIL PROTECTED]>
> To: [email protected]
> Sent: Tuesday, September 4, 2007 8:40:54 PM
> Subject: Re: [Acegisecurity-developer] Can acegi do these?
>
> hi, tedzo
>
> 1. yes, but you need to configure it yourself
>
> 2. take a look at Acegi Reference chapter 20.4
>
> 3. Acegi protect method (for example, methods related to your assets) and
> domain object, take a look at chapter 21, 22 as well as
> acegi-security-sample-contacts
>
> On 9/5/07, tedzo <[EMAIL PROTECTED]> wrote:
> >
> > Hello,
> > I am trying to figure if acegi is the right framework to use for our
> > requirements. Some of our requirements are as follows -
> >
> > 1. Allow me to define roles that are specific to my application AND that
> > are hierarchical. For example, ROLE_VIEWER, ROLE_WRITER, ROLE_CREATOR,
> > ROLE_SUPER where VIEWER can only view, WRITER can view AND write, CREATOR
> > can view, write AND create and SUPER can do everything including delete. Can
> > I define such a hierarchy? Will acegi automatically handle the hierarchy for
> > me?
> > 2. It seems that acegi handles access to web pages in as a whole,
> > meaning, I can authorize (or not) a user attempting to view somepage.jsp,
> > for example. However, lets say sompage.jsp contains a visual element,
> > say a button, that needs to be displayed (or enabled) only to users with
> > CREATOR and SUPER roles. Can I implement such a mechanism with acegi?
> > Basically that would mean I should be able to provide a user's credentials
> > and required access right for a given asset and acegi has to respond with a
> > yes/no response of s some sort.
> > 3. Can acegi provide me with a list of all protected assets (say files)
> > that a user has access to? Meaning, lets say I have files that need to be
> > protected such that some may be handled by a user with VIEWER role while
> > others require user to have other roles. A user with WRITER role logs in and
> > I want to present a list assets available for him/her to handle. Can I
> > somehow query acegi for such a list?
> >
> >
> > Thank you for your time.
> >
> > An
> >
> >
> > ------------------------------
> > Ready for the edge of your seat? Check out tonight's top
> > picks<http://us.rd.yahoo.com/evt=48220/*http://tv.yahoo.com/>on Yahoo! TV.
> >
> >
> > -------------------------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc.
> > Still grepping through log files to find problems? Stop.
> > Now Search log events and configuration files using AJAX and a browser.
> > Download your FREE copy of Splunk now >> http://get.splunk.com/
> > _______________________________________________
> > Home: http://acegisecurity.org
> > Acegisecurity-developer mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
> >
> >
>
>
>
> ------------------------------
> Building a website is a piece of cake.
> Yahoo! Small Business gives you all the tools to get
> online.<http://us.rd.yahoo.com/evt=48251/*http://smallbusiness.yahoo.com/webhosting/?p=PASSPORTPLUS>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
