With OGNL you can call specific methods. So in my base action I have the
following:
public boolean isUserAuthorised(Integer actionId){
// here I get a handle to the authorisation code and test
// if the current user is authorised to execute the action
// if the user is aurthorised return true else return false
}
Then on my page I have the following
<s:if test="%{isUserAuthorised(23)}"></s:if>
Hope it helps.
Z.
On 1/12/10 3:16 AM, "Biesbrock, Kevin" <biesbrock.ke...@aoins.com> wrote:
>I figured it out. My interceptor was returning null instead of
>invocation.invoke()...n00b mistake. :)
>
>In your example, you invoke a specific method "isUserAuthorized()".
>What is the method named in your action? Is it "getIsUserAuthorized"?
>I have an action method "isAuthorized" and I have to invoke it e.g.,
><s:if test="%{authorized}">. If I change 'authorized' to
>'isAuthorized', then my else block is executed.
>
>
>Beez
>r 5347
>
>-----Original Message-----
>From: Biesbrock, Kevin
>Sent: Tuesday, November 30, 2010 11:06 AM
>To: 'Zoran Avtarovski'; 'Struts Users Mailing List'
>Subject: RE: Link Display Logic
>
>Thank you for the suggestion, Zoran! I guess I'm doing somewhat of a
>combination of what you and Dave suggested.
>
>I've been utilizing the Aware interfaces for my actions...I think it's
>similar to what you're suggesting with your base action class, just a
>different approach, if I understand correctly. The difference is that
>our UserInterceptor determines authorization level and sets the level on
>the action via a UserAware interface with a setAuthorizationLevel
>method.
>
>Then I have a jsp fragment that checks if they have the required
>authorization level. That jsp fragment is being included similarly to
>what I think Dave was suggesting, just using the standard s:action tag
>instead of writing my own custom tag.
>
>For some reason my s:action is being executed successfully, but it's not
>including the jsp fragment in my main jsp. I have the
>executeResult="true" attribute set. It worked for a minute and now it
>seems to just neglect to include it. I'm working on that right now.
>
>Thank you again for your suggestions! It definitely seems to be
>pointing me in a good direction! :)
>
>Sincerely,
>
>Beez
>
>-----Original Message-----
>From: Zoran Avtarovski [mailto:zo...@sparecreative.com]
>Sent: Monday, November 29, 2010 6:45 PM
>To: Struts Users Mailing List; Biesbrock, Kevin
>Subject: Re: Link Display Logic
>
>What we have implemented is a set of public authorisation methods in our
>base action which we call via ognl passing the actionId as the
>parameter.
>For example to test if a user should be shown the print report we have a
>isUserAuthorised(Integer actionId) method which we use as follows:
><s:if test="%{isUserAuthorised(123)}">Your stuff in here</s:if>
>
>I have to say that I think this is one of the best aspects of OGNL as
>we're easily able to easily use server side authorisation with simple
>ajax calls.
>
>Z.
>
>On 30/11/10 5:41 AM, "Biesbrock, Kevin" <biesbrock.ke...@aoins.com>
>wrote:
>
>>Hello users. I'm Kevin, first time caller, long time listener (Mr.
>>Obvious reference).
>>
>>I have two reports and need to display a link for each if the following
>
>>conditions are met:
>> 1. The user is authorized to view the reports (they are secured),
>>and
>> 2. The specific report currently exists
>>
>>Both of these conditions are determined via predefined methods (they
>>are "black boxes" to me).
>>
>>Following the MVC pattern, what is the best way to split up the display
>
>>logic of this such that my links are displaying to the appropriate
>>users when they exist?
>>
>>The links will display on the home page. So I thought about
>>determining these factors in the home action and wrapping s:if tags
>>around links to the reports. It seems simple enough, I was just
>>curious if there was a different and/or better approach.
>>____
>>Thank you for your time,
>>Kevin - "Beez"
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
