Reinhard Pötz wrote: > > The Cocoon object of the FOM has the method > > Component getComponent(id) > > It should return any component but no sitemap components. This means we > only return components defined in the roles file(s). How can we check if > it is an "allowed" component? > > Any ideas? > I think the simplest solution is to use the correct component manager that holds only the components configured in roles/cocoon.xconf. This is the component manager of the o.a.c.Cocoon object. Each sitemap as its own component manager for the sitemap component, they are linked in a hierarchy to the above mentioned one.
Do we want to force people to edit cocoon.xconf to call their own business components from the flow? I thought Stefano proposed checking for SitemapModelComponent and disallowing it? Would that prevent looking up a transformer, but allow looking up a legitimate component defined in map:components?
I'm still wanting to enable people (me!) to reuse action _code_ (not the contract) with little re-coding of the original class file where not necessary. If that can't be done in a clean way that doesn't invite abuse then so be it, but I think it's worth trying for.
Geoff