I think there is another Issue. AFAIK you can not simply use FK's to refer
to the turbine-security tables. There is an howto on how to extend the
TURBINE_USER table, I have to do that anyway, so i'll walk through it. So
i can check, if this howto also applies for other tables, like the
permission table, which we would have to extend for our menu.
David
Jeffery Painter <[EMAIL PROTECTED]>
22.10.2003 23:04
Bitte antworten an "Turbine Users List"
An: Turbine Users List <[EMAIL PROTECTED]>
Kopie:
Thema: RE: Dynamic Menu
After talking with David, I think he and I have come up with a method to
create a Menu service that would be stuck into the user's context.
We would store the relevant links in a table associated with the
permission attribute and allow the menu service to compose a $menu object
that could then be pulled in from velocity.
My only nagging is that there needs to be a good way to "sort" the menu
options in a preferred way rather than having it just be a pull from the
database, the developer should have a way of positioning the menu elements
in a clear fashion. any thoughts on this would be appreciated.
I'll let the list know how it works out if anyone else is interested in
this tool.
It would allow the developer to keep a breakdown of security a little more
cleanly organized and keep from having to hard code permissions into the
SecureScreen class.
Ideally, this menu object could then be formatted according to anyone's
liking, whether it be straight links or to be used in a dynamic javascript
type menu, or some xhtml formatting
Jeff Painter
On Thu, 23 Oct 2003, Gavin wrote:
> We use an approach where the ACL checks are done in your base
SecureScreen
> class, which is the superclass for all of your own screen classes.
>
> Using something like:
>
> protected void setContextACLs(AccessControlList acl, Context ctx)
> {
> if (acl == null)
> return;
>
> if (acl.hasPermission("admin_users"))
> ctx.put("Admin", "1");
> if (acl.hasPermission("client_access"))
> ctx.put("Client", "1");
> if (acl.hasPermission("staff_access"))
> ctx.put("Staff", "1");
> }
>
>
> And then in your menu you can simply use this pattern:
>
> #if ($Client || $Staff)
> | <a
href="$link.setPage("ClientStaffSharedAccess.vm")">Client
> and Staff accessible page</a>
> #end
>
> #if ($Staff)
> | <a href="$link.setPage("StaffOnly.vm")">Staff Only Page</a>
>
> #if ($Admin)
> | <a href="$link.setPage("user,FluxUserList.vm")">Users</a>
> | <a href="$link.setPage("role,FluxRoleList.vm")">Roles</a>
> #end
>
> | <a href="$link.setAction("LogoutUser")">Logout</a>
>
> Gavin Barron B.Sc
> J2EE Developer
> Genix Systems Ltd
> http://www.genixsystems.com/
>
> "Never underestimate the bandwidth of a station wagon full of hard
drives"
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
