Here's the situation:
I'm creating a site where users can collaborate to work on data as a group.
I'm calling a set of data for a set of users a "domain". Every user is a
member of exactly one domain, and of course users can only access data within
their own domain.
On top of this, there are system administration level users who can look at any
data.
This sounds like a great case for using Hibernate style filters. Every object
in the system is associated with a domain, so I can put in a filter that has
key of "domain" and value of "#{currentUser.domain}". This will restrict users
to viewing only their objects, and then I don't have to worry about it.
The difficulty is that I want that filter to be turned off for the sysadmin
type users. I'd like to have session beans that use a filtered EntityManager
when the user is a "normal" user, but use the unfiltered EntityManager when the
user s:hasRole('sysadmin').
Is it possible to do this? Or is this even the right thing to do? I've never
used Hibernate filters before (or at least, not in a Seam / EJB3 application).
Thanks
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4122561#4122561
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4122561
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
