No. It works as isVisible at a component level. If you don't want to show your page, then secure your page like that. Any component + it's children.
Eelco On 10/26/05, Johan Compagner <[EMAIL PROTECTED]> wrote: > yes that i did get. > So if one component on the page returns false for allowRender() > then the page it self is not visible (allowAccess() failes) > > and Links/Labels are using allowEnabled for there visible state. > > > > On 10/27/05, Eelco Hillenius <[EMAIL PROTECTED]> wrote: > > > > It works exactly like isVisible, with the exception that it will > > allways overrule isVisible (I'll put that in the docs). > > > > Eelco > > > > > > On 10/26/05, Johan Compagner <[EMAIL PROTECTED] > wrote: > > > where will allowRender() be called in wicket? > > > I think the most logical first place it the Page.checkAccess() or > > > Page.checkSecurity() that is also called besides checkAccess() > > > > > > Does then the implementation do the compleet check for the page? > > > So the page itself and then all the components on the page? > > > But how does it check the components and there model data? ( think > models > > > need some kind of marker interface like SecurityModel) > > > > > > Because it can be that a form's model data is saying i can't render so > the > > > page can be renderd > > > But a link can also say i can't be renderd but that doesn't mean the > page > > > can't be rendered (just the link can't be rendered) > > > > > > Or if allowRender() is false in any component/model on the page then > the > > > complete page can't be rendered > > > but then allowEnabled is used to say to a link that it can't be visible > (so > > > there are no non enabled links they are always not rendered) > > > > > > > > > > > > On 10/27/05, Eelco Hillenius <[EMAIL PROTECTED]> wrote: > > > > > > > > Here's the interface method we (Jonathan, Igor and I) think will work: > > > > > > > > /** > > > > * Checks whether an instance of the given component class may > be > > > created. > > > > * If this method returns false, a [EMAIL PROTECTED] > AuthorizationException} > > > is thrown > > > > * in during construction. > > > > * > > > > * @param c > > > > * the component to check for > > > > * @return whether the given component may be created > > > > */ > > > > boolean allowCreateComponent(Class c); > > > > > > > > /** > > > > * Gets whether the given component may be rendered. If this > > > method returns > > > > * false, the component is not rendered, and neither are it's > > > children. > > > > * > > > > * @param c > > > > * the component to check for > > > > * @return whether the given component may be rendered > > > > */ > > > > boolean allowRender(Component c); > > > > > > > > /** > > > > * <p> > > > > * Gets whether a component is allowed to be enabled. If this > > > method returns > > > > * true, a component may decide by itself (typically using > it's > > > enabled > > > > * property) whether it is enabled or not. If this method > returns > > > false, the > > > > * passed component is marked disabled, regardless it's > enabled > > > property. > > > > * </p> > > > > * <p> > > > > * When a component is not allowed to be enabled (in effect > > > disabled through > > > > * the implementation of this interface), Wicket will try to > > > prevent model > > > > * updates too. This is not completely fail safe, as > constructs > > > like: > > > > * > > > > * <pre> > > > > * User u = (User)getModelObject(); > > > > * u.setName ("got you there!"); > > > > * </pre> > > > > * > > > > * can't be prevented. Indeed it can be argued that any model > > > protection is > > > > * best dealt with in your model objects to be completely > secured. > > > Wicket > > > > * will catch all normal use though. > > > > * > > > > * </p> > > > > * > > > > * @param c > > > > * the component to check for > > > > * @return whether a component is allowed to be enabled > > > > */ > > > > boolean allowEnabled(Component c); > > > > > > > > Eelco > > > > > > > > > > > > On 10/26/05, Eelco Hillenius < [EMAIL PROTECTED]> wrote: > > > > > Well, then there's no special wicket support for that nescesarry > either. > > > > > > > > > > > I only want to test at a certain point what is inside the model. > And > > > if a > > > > > > user can see that object > > > > > > and if he can see it if he can alter it. > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------- > > > > This SF.Net email is sponsored by the JBoss Inc. > > > > Get Certified Today * Register for a JBoss Training Course > > > > Free Certification Exam for All Training Attendees Through End of 2005 > > > > Visit http://www.jboss.com/services/certification for > > > more information > > > > _______________________________________________ > > > > Wicket-develop mailing list > > > > Wicket-develop@lists.sourceforge.net > > > > > > > > https://lists.sourceforge.net/lists/listinfo/wicket-develop > > > > > > > > > > > > > > > > ------------------------------------------------------- > > This SF.Net email is sponsored by the JBoss Inc. > > Get Certified Today * Register for a JBoss Training Course > > Free Certification Exam for All Training Attendees Through End of 2005 > > Visit http://www.jboss.com/services/certification for > more information > > _______________________________________________ > > Wicket-develop mailing list > > Wicket-develop@lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/wicket-develop > > > > ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today * Register for a JBoss Training Course Free Certification Exam for All Training Attendees Through End of 2005 Visit http://www.jboss.com/services/certification for more information _______________________________________________ Wicket-develop mailing list Wicket-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-develop
