> Is there an elegant way to do the opposite of what the AuthorizeAction
> annotation was intended for?
>
> I have an "unregister" function that any user _except_ the admin user
> should be able to use. If the admin unregisters, I'm f*****.
>
> Essentially, I'd really like to be able to do something like this:
>
> @AuthorizeAction(
> action = Action.RENDER, roles = { !Roles.ADMIN, Roles.USER })
>
>
> Any ideas?
The best thing you can do is to create your own extension/
authorization strategy implementation for this. Maybe something like
(action = Action.RENDER, roles = { Roles.USER }, deny = { Roles.ADMIN })
Patch is welcome if it fits in elegantly.
Eelco
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Wicket-user mailing list
Wicket-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-user
