Everyone, I'm thinking about developing an extension for Struts and wanted to see what you developers think before I build it. Building off of Nic Hobb's Role-based Actions, I'd like to add the ability to control a form's look and feel based on the user's role. Basically, what I hope to do is add declarative security to struts-config.xml so that form fields can be write-able, read-only, or hidden based on the user's role.
My idea is to add a <security> element to the <form-bean> declaration - like
so:
<form-bean name="firstForm"
type="org.apache.struts.webapp.example.FirstForm">
<security fields="field1,field2,field3"
(inRole | notRole)="readOnly1,readOnly2"
type="readOnly"/>
</form-bean>
fields = comma delimited list you want to set security for.
inRole or notRole = comma delimited list of roles that this applies to
type = flag to indicate type of security
readOnly - adds disabled="disabled" to html controls (struts html
tag that builds html)
hidden - changes control from type="*" to type="hidden" OR doesn't
even put the name/value on the page
write - default (shouldn't need to be used)
Let me know what you think. I receive a fair amount of positive feedback,
I'll write the extension and a sample app to go with it.
Thanks,
Matt
winmail.dat
Description: application/ms-tnef
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
