Hey ++1 this sounds awesome looks definitely one step ahead of rendered.
Werner
Am 16.01.11 21:19, schrieb Rudy De Busscher:
@All
I have created a CODI add-on that allows you to 'secure' JSF components
by using an implementation of the CODI AbstractAccessDecisionVoter.
These voters can then be used to restrict the access. In the next
example, the text is only visible when the voter 'loggedIn' (which is a
named CDI bean extending AbstractAccessDecisionVoter) don't set any
ViolationException.
<h:outputFormat value="#{msg['general.label.welcome']} | ">
<s:securedComponent voter="loggedIn"/>
<f:param value="#{loggedInUserBean.login}"/>
</h:outputFormat>
It is also possible to supply the method some parameter values. You
can supply it for example with the looping variable from a dataTable,
and thus hiding the values in a column except when the user has access
to it.
<h:column>
<f:facet name="header">Salary</f:facet>
<h:outputText value="#{employee.salary}">
<s:securedComponent voter="currentUser, hasAdministratorRole">
<s:securedComponentParameter value="#{employee}"/>
</s:securedComponent>
</h:outputText>
</h:column>
In the above example, the salary value is visible only to employee
itself or the administrator.
More info can be found in the readme that comes with the add-on.
You can find the initial version here (1)
Since it has a very deep integration with JSF structures, I need to make
more tests to confirm it works in more environments. For the moment,
the example works with Tomcat 6.0.29.
When you do have questions, remarks or finds any problems, just let it
me know.
1 = http://bitbucket.org/os890/codi-addons secureComponent directory.
Regards
rudy.
