"wuhaixing" wrote : In the seamspace project,security-rule.drl has the
following code snippet I donn't know why.
| 1.
| check: PermissionCheck(name == "memberImage", action == "view", granted ==
false)
| there is a memberImage component,but where is the action view?
|
In ContentAction:
if (img == null || !Identity.instance().hasPermission("memberImage",
"view", img))
"wuhaixing" wrote : 2.
| check: PermissionCheck(name == "blog", action == "create", granted == false)
| Does this mean Statful session bean BlogAction create is restircted?
|
No, this permission is used to control the display of a link in profile.xhtml:
<s:span rendered="#{s:hasPermission('blog', 'create',
selectedMember)}">
"wuhaixing" wrote : 3.
| check: PermissionCheck(name == "friendComment", action == "create", granted
== false)
| Restrict @Factory("friendComment")?and where is action create?
|
This is also in profile.xhtml:
<s:span rendered="#{s:hasPermission('friendComment', 'create',
selectedMember.friends)}">
And the permission is checked in FriendAction:
Identity.instance().checkRestriction("#{s:hasPermission('friendComment',
'create', friends)}");
"wuhaixing" wrote : 4.
| @Restrict is not required to invoke permission check?
No, a permission check can be also be performed via Identity.checkRestriction().
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4107903#4107903
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4107903
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
