Hi Matthias, OK, so I've taken a look into this, and it does indeed turn out to be a bug. I've raised the JIRA [1] and it's now fixed in trunk; to pick up you'll need to build Isis from source [2] until we push out the next release.
Cheers Dan [1] https://issues.apache.org/jira/browse/ISIS-656 [2] http://isis.apache.org/contributors/building-isis.html On 21 January 2014 09:52, Dan Haywood <[email protected]> wrote: > > > > On 21 January 2014 09:47, wp1188282-isis <[email protected]> wrote: > >> Hi >> > > > Hi Matthias, > > > >> >> At first thank you for Isis. It's fun solving problems with this handy >> tool. >> >> Glad you like it, and welcome to the mailing list. If you could > subscribe, then it'll save me having to approve your posts. > > > > >> I have a problem with roles, esp. container.getUser().hasRole(...). If I >> use the >> archetype and implement a action like: >> >> LOG.info("admin: "+container.getUser().hasRole("admin_role")); >> LOG.info("user: "+container.getUser().hasRole("user_role")); >> >> LOG.info("analysis: "+container.getUser().hasRole("analysis_role")); >> >> LOG.info("self-install: >> "+container.getUser().hasRole("self-install_role")); >> >> >> for (RoleMemento rm:container.getUser().getRoles()) >> LOG.info("ROLE: "+rm.getName()); >> >> I always get 4 times false and only one role "...roles.User" . I logged >> in with >> user sven and admin_role. >> >> Please can anyone provide help. >> > > Let me look into this tonight, been a while since I looked into that code. > I think that the declarative security does work ok (have used that > recently), and that would generally be recommended approach for security. > But this API should also be working as you have shown, if it isn't then > that's a problem. > > Dan > > > >> >> Thanks. >> >> Matthias > > >
