I originally removed the IDs as I didn't want the user hacking around trying to find someone else's data. It's the usual use-case I suppose and certainly something that I do whenever I see IDs in the query string. I can check the authorisation of the user in the find() or similar but the @DataModel approach means I don't have to bother with that.
Sounds like from http://jira.jboss.com/jira/browse/JBSEAM-1734 that you're looking at removing the @DataModel entirely? JBSEAM-2391 just needs the DataTable populated from a list annotated with @DataModel or am I missing something? Cheers, Damian. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4114605#4114605 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4114605 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
