On Tuesday 13 February 2007 16:59, Niclas Hedhman wrote: > Now, the question is how are these "authorization roles" being assigned? > We could introduce the addBasicRole, removeBasicRole, addRequiredRole and > removeRequiredRole to the interface or the AbstractContentSource, but it > seems like they won't be used much nor easily.
I added the methods getRequiredRoles, getBasicRoles on the two ContentSource implementation classes to retrieve the Roles instances, and a single setRoles() to ensure the atomicity in the change, which will be propagated thru a service event... So, programmatically one can do; ContentSource source = new MyContentSource(.... Roles required = new Roles( "executive, manager" ); Roles basic = new Roles( "accounting, audit, board" ); source.setRoles( required, basic ); : And as mentioned, the those can be changed in runtime via the Configuration Admin service. If the roles are not satisfied by the logged in user upon the request, then the ContentSource will not add the component, i.e. it becomes invisible. Is that an acceptable behavior? Cheers Niclas _______________________________________________ general mailing list [email protected] http://lists.ops4j.org/mailman/listinfo/general
