David Sean Taylor wrote:
> In the Security model, is there a current 'Role' for a given User?
It's not working this way.
A user can have multiple roles at the same time.
And, you can have a role in a specific group.
For example you can be a Developer in group ProjectX
and Supervisor in group ProjectZ. There are roles
that are not associated with any particular group
but are system-wide (like turbine-root role). Those
roles are associated with the special group 'global'.
Here is a diagram of entity relationships
Group
|
|
User ----+---< Role -----< Permission
for accessing security information at runtime, you
must acquire the AccessControlList object associated
with the current user
AccessControlList acl = data.getACL();
consult the org.apache.turbine.util.AccessControlList
javadocs for methods avaiable.
for example you could use
if(acl.hasRole("admin","newsApp")) ...
to check if the current user has role admin in the group
adminApp
Rafal
--
Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
