Re: [Wicket-develop] integrating authorization

[Eelco Hillenius]

Here's the interface method we (Jonathan, Igor and I) think will work:

        /**
         * Checks whether an instance of the given component class may be 
created.
         * If this method returns false, a [EMAIL PROTECTED] 
AuthorizationException} is thrown
         * in during construction.
         *
         * @param c
         *            the component to check for
         * @return whether the given component may be created
         */
        boolean allowCreateComponent(Class c);

        /**
         * Gets whether the given component may be rendered. If this method 
returns
         * false, the component is not rendered, and neither are it's children.
         *
         * @param c
         *            the component to check for
         * @return whether the given component may be rendered
         */
        boolean allowRender(Component c);

        /**
         * <p>
         * Gets whether a component is allowed to be enabled. If this method 
returns
         * true, a component may decide by itself (typically using it's enabled
         * property) whether it is enabled or not. If this method returns 
false, the
         * passed component is marked disabled, regardless it's enabled 
property.
         * </p>
         * <p>
         * When a component is not allowed to be enabled (in effect disabled 
through
         * the implementation of this interface), Wicket will try to prevent 
model
         * updates too. This is not completely fail safe, as constructs like:
         *
         * <pre>
         * User u = (User)getModelObject();
         * u.setName(&quot;got you there!&quot;);
         * </pre>
         *
         * can't be prevented. Indeed it can be argued that any model 
protection is
         * best dealt with in your model objects to be completely secured. 
Wicket
         * will catch all normal use though.
         *
         * </p>
         *
         * @param c
         *            the component to check for
         * @return whether a component is allowed to be enabled
         */
        boolean allowEnabled(Component c);

Eelco


On 10/26/05, Eelco Hillenius <[EMAIL PROTECTED]> wrote:
> Well, then there's no special wicket support for that nescesarry either.
>
> >  I only want to test at a certain point what is inside the model. And if a
> > user can see that object
> >  and if he can see it if he can alter it.
> >
>


-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.
Get Certified Today * Register for a JBoss Training Course
Free Certification Exam for All Training Attendees Through End of 2005
Visit http://www.jboss.com/services/certification for more information
_______________________________________________
Wicket-develop mailing list
Wicket-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-develop