I just rebuit a fresh base project using
mvn archetype:create -DarchetypeGroupId=org.appfuse -DarchetypeArtifactId=appfuse-basic-spring -DremoteRepositories=http://static.appfuse.org/repository -DarchetypeVersion=2.0-m4-SNAPSHOT -DgroupId=com.mycompany -DartifactId=myproject and without any other modifications, I'm now seeing the "Access Denied Your current role does not allow you to view this page....how about a pretty picture to cheer you up?" page, which is indeed prettier. I think the exception in the project I've been modifying a bit may be a result of the fact that I'm modifying org.appfuse.model.User to create a one-to-many relationship between it an a Contact... public class User extends BaseObject implements Serializable, UserDetails { [...] public Set<Contact> getContacts() { return contacts; } public void setContacts(Set<Contact> contacts) { this.contacts = contacts; } [...] } and... public class Contact extends BaseObject { [...] @ManyToOne @JoinColumn(name="user_fk",nullable=false) public User getUser() { return user; } public void setUser(User user) { this.user = user; } [...] } So, a couple questions: 1) Is there some simple configuration change I can make so that a non-admin user can change their own user.username? 2) Any caveats in terms of modifying org.appfuse.model.User with respect to the acegisecurity stuff? If there are none in particular, I'm sure there are still plenty of places where I could be screwing things up in my implementation of the parent-child User-Contact relationship. thanks! -nate mraible wrote: > > Can you send me your sample-data.xml so I can try to reproduce? The > bug you're referring to in 1.9.1 should've been fixed before we > started migrating to 2.x. > > Matt > > On 3/5/07, natophonic <[EMAIL PROTECTED]> wrote: >> >> >> With >> appfuse-spring-2.0-m4-20070303.161353-20.warpath.jar >> and >> appfuse-web-common-2.0-m4-20070303.161353-60.warpath.jar >> >> and Spring MVC Basic archtype with the standard sample data, when trying >> to >> change the 'tomcat' username to say 'tomcat2', I get the following >> exception: >> >> Yikes! >> >> org.acegisecurity.AccessDeniedException: Access Denied: Only >> administrators >> are allowed to modify other users. >> at >> org.appfuse.service.UserSecurityAdvice.before(UserSecurityAdvice.java:69) >> at >> org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:52) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176) >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210) >> at $Proxy37.saveUser(Unknown Source) >> at >> org.appfuse.webapp.controller.UserFormController.onSubmit(UserFormController.java:110) >> [...] >> >> >> >> Changing 'mraible' to 'mraible2' works as expected. >> >> I saw a similar-looking >> http://issues.appfuse.org/browse/APF-358 >> but that seems to pertain to 1.9, not 2.0. >> >> Hopefully it's the same fix, easily ported. :) >> >> -nate >> >> >> -- >> View this message in context: >> http://www.nabble.com/exception-is-thrown-when-trying-to-change-the-username-in-2.0-snapshot-m4-tf3353260s2369.html#a9325331 >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > -- > http://raibledesigns.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/exception-is-thrown-when-trying-to-change-the-username-in-2.0-snapshot-m4-tf3353260s2369.html#a9326439 Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
