perhaps the best way would be to send
'response.sendRedirect("/Unauthorized);' on authorization error?snowch wrote: > > When checking the record level security using the preprocessor, is it > possible to return an "error" view from the preprocessor? > > Many thanks, > > Chris > > > David E Jones-3 wrote: >> >> >> If you want to check something on every request you might try the >> "preprocessor" events that run before each request. >> >> -David >> >> >> On Apr 27, 2009, at 6:57 AM, snowch wrote: >> >>> >>> Hi forum, >>> >>> Some of my requests will contain a parameter (UpliftId) that holds an >>> identifier for a entity record. This is to provide record level >>> security >>> checks. Is there a way of performing this check in the controller >>> so that >>> every (logged in) request that has the parameter UpliftId is checked >>> to >>> ensure that the userLoginId has access to the the UpliftId? >>> >>> Many thanks in advance, >>> >>> Chris >>> -- >>> View this message in context: >>> http://www.nabble.com/Best-place-for-security-check--tp23255712p23255712.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> >> > > -- View this message in context: http://www.nabble.com/Best-place-for-security-check--tp23255712p23259441.html Sent from the OFBiz - User mailing list archive at Nabble.com.
