subject:"Re\: Wasp\/Swarm\: permisson for component of super class"

Re: Wasp/Swarm: permisson for component of super class

2008-06-06 Thread Maurice Marrink

Well assuming you are only using a securewebmarkupcontainer to hide
the entire menu if a user as no permissions for any of the pages
accessible from that menu.

Otherwise there really is no need since the links will be hidden.

Then you have a couple of options.
-Use a datapermission for each swmc
-Use a specific class for each swmc e.g. class UserMenu extends
SecureWebMarkupContainer and add something like the following in your
policy permission ${ComponentPermission} ${package}.UserMenu,
inherit, render;
  You can ofcourse use SWMC without subclassing but then every SWMC
would be authorized not just the menu.
-Don't use security directly to handle visibility in this case. In our
app we used the following technique to hide the container if none of
its childcomponents are visible.
  In the WebMarkupContainer:
protected void onBeforeRender()
{
Boolean result = (Boolean)
visitChildren(SecureBookmarkablePageLink.class, new IVisitor()
{
/**
 * @see 
org.apache.wicket.Component.IVisitor#component(org.apache.wicket.Component)
 */
@Override
public Object 
component(Component component)
{

SecureBookmarkablePageLink link = (SecureBookmarkablePageLink) component;
if (link

.isActionAuthorized(getAction(Render.class)))
return 
true;
return null; // continue
}
});
if (result != null  result)
setVisible(true);
else
setVisible(false);
super.onBeforeRender();
}

Hope this answers your question.

Maurice

On Fri, Jun 6, 2008 at 11:57 AM, Andrea Jahn [EMAIL PROTECTED] wrote:




 Hi,

 In our application we have the super class SecuredBasePage for all the pages.
 This class contains the menu. It depends on the logged in user, which of the
 main menus (containing the menu entries) are visible.
 So I created a SecureWebMarkupContainer for each main menu.

 But now I have to add a permission for one allowed main menu for each page 
 into the policy file.
 These are a lot of entries and heavy to keep up to date.

 If a user has the permission for a certain main menu, he has that permission 
 for each page.
 Is it possible to set one permission for a certain main menu, which is valid 
 for all pages ?


 Code:

 SecuredBasePage.html
 -


  ul
  li wicket:id=menuUsersspan/spana href=#Users/a
  ul
  lispan/spana href=# wicket:id=linkToPersonListUser List/a/li
  lispan/spana href=# wicket:id=linkToAddPersonAdd user/a/li
  /ul
  /li
  ...


 SecuredBasePage.java
 -

 public abstract class SecuredBasePage extends SecureWebPage
 {

  public SecuredBasePage()
  {
  super();

  addLinks();
  ...
  }


  protected void addLinks()
  {

  // add main menu list items via wicket and not only pure html code for 
 authorization
  SecureWebMarkupContainer menuUsers = new 
 SecureWebMarkupContainer(menuUsers);

  SecureBookmarkablePageLink link1 =
  new SecureBookmarkablePageLink(linkToPersonList, PersonListPage.class);
  SecureBookmarkablePageLink link2 =
  new SecureBookmarkablePageLink(linkToAddPerson, PersonEditPage.class);

  link1.setAutoEnable(true);
  link2.setAutoEnable(true);

  menuUsers.add(link1);
  menuUsers.add(link2);
  add(menuUsers);
  ...
  }
 ...

 }


 Welcome.java
 -
 public class Welcome extends SecuredBasePage
 {
 ...
 }

 PersonListPage.java
 --
 public class PersonListPage extends SecuredBasePage
 {
 ...
 }

 PersonEditPage.java
 --
 public class PersonEditPage extends SecuredBasePage
 {
 ...
 }


 policy file:
 
  permission ${ComponentPermission} ${front}.Welcome, render;
  permission ${ComponentPermission} ${front}.Welcome, enable;

  permission ${ComponentPermission} ${front}.PersonListPage, render;
  permission ${ComponentPermission} ${front}.PersonListPage, enable;

  permission ${ComponentPermission} ${front}.PersonEditPage, render;
  permission ${ComponentPermission} ${front}.PersonEditPage, enable;
  ...

  permission ${ComponentPermission}

Re: Wasp/Swarm: permisson for component of super class

2008-06-06 Thread Andrea Jahn



 

Yes, I want to to hide the entire menu if a user has no permissions for any of 
the pages
accessible from that menu.

The third of your proposals (to hide the container if none of its 
childcomponents are visible) is really the best. 
So I have only to care about the permissions of the pages :-)

Thank you very much for the code example of the method onBeforeRender() for the 
WebMarkupContainer.
I have implemented it and it works fine :-)

Andrea

*Von:* Maurice Marrink [EMAIL PROTECTED]
*Gesendet:* 06.06.08 13:50:38
*An:* users@wicket.apache.org
*Betreff:* Re: Wasp/Swarm: permisson for component of super class



Well assuming you are only using a securewebmarkupcontainer to hide
the entire menu if a user as no permissions for any of the pages
accessible from that menu.

Otherwise there really is no need since the links will be hidden.

Then you have a couple of options.
-Use a datapermission for each swmc
-Use a specific class for each swmc e.g. class UserMenu extends
SecureWebMarkupContainer and add something like the following in your
policy permission ${ComponentPermission} ${package}.UserMenu,
inherit, render;
You can ofcourse use SWMC without subclassing but then every SWMC
would be authorized not just the menu.
-Don't use security directly to handle visibility in this case. In our
app we used the following technique to hide the container if none of
its childcomponents are visible.
In the WebMarkupContainer:
protected void onBeforeRender()
{
Boolean result = (Boolean)
visitChildren(SecureBookmarkablePageLink.class, new IVisitor()
{
/**
* @see 
org.apache.wicket.Component.IVisitor#component(org.apache.wicket.Component)
*/
@Override
public Object component(Component component)
{
SecureBookmarkablePageLink link = (SecureBookmarkablePageLink) component;
if (link
.isActionAuthorized(getAction(Render.class)))
return true;
return null; // continue
}
});
if (result != null  result)
setVisible(true);
else
setVisible(false);
super.onBeforeRender();
}

Hope this answers your question.

Maurice

On Fri, Jun 6, 2008 at 11:57 AM, Andrea Jahn [EMAIL PROTECTED] wrote:




 Hi,

 In our application we have the super class SecuredBasePage for all the pages.
 This class contains the menu. It depends on the logged in user, which of the
 main menus (containing the menu entries) are visible.
 So I created a SecureWebMarkupContainer for each main menu.

 But now I have to add a permission for one allowed main menu for each page 
 into the policy file.
 These are a lot of entries and heavy to keep up to date.

 If a user has the permission for a certain main menu, he has that permission 
 for each page.
 Is it possible to set one permission for a certain main menu, which is valid 
 for all pages ?


 Code:

 SecuredBasePage.html
 -


 ul
 li wicket:id=menuUsersspan/spana href=#Users/a
 ul
 lispan/spana href=# wicket:id=linkToPersonListUser List/a/li
 lispan/spana href=# wicket:id=linkToAddPersonAdd user/a/li
 /ul
 /li
 ...


 SecuredBasePage.java
 -

 public abstract class SecuredBasePage extends SecureWebPage
 {

 public SecuredBasePage()
 {
 super();

 addLinks();
 ...
 }


 protected void addLinks()
 {

 // add main menu list items via wicket and not only pure html code for 
 authorization
 SecureWebMarkupContainer menuUsers = new 
 SecureWebMarkupContainer(menuUsers);

 SecureBookmarkablePageLink link1 =
 new SecureBookmarkablePageLink(linkToPersonList, PersonListPage.class);
 SecureBookmarkablePageLink link2 =
 new SecureBookmarkablePageLink(linkToAddPerson, PersonEditPage.class);

 link1.setAutoEnable(true);
 link2.setAutoEnable(true);

 menuUsers.add(link1);
 menuUsers.add(link2);
 add(menuUsers);
 ...
 }
 ...

 }


 Welcome.java
 -
 public class Welcome extends SecuredBasePage
 {
 ...
 }

 PersonListPage.java
 --
 public class PersonListPage extends SecuredBasePage
 {
 ...
 }

 PersonEditPage.java
 --
 public class PersonEditPage extends SecuredBasePage
 {
 ...
 }


 policy file:
 
 permission ${ComponentPermission} ${front}.Welcome, render;
 permission ${ComponentPermission} ${front}.Welcome, enable;

 permission ${ComponentPermission} ${front}.PersonListPage, render;
 permission ${ComponentPermission} ${front}.PersonListPage, enable;

 permission ${ComponentPermission} ${front}.PersonEditPage, render;
 permission ${ComponentPermission} ${front}.PersonEditPage, enable;
 ...

 permission ${ComponentPermission} ${front}.Welcome:menuUsers, inherit, 
 render;
 permission ${ComponentPermission} ${front}.PersonListPage:menuUsers, 
 inherit, render;
 permission ${ComponentPermission} ${front}.PersonEditPage:menuUsers, 
 inherit, render;
 

 Thanks

 Andrea





 EINE FÜR ALLE: die kostenlose WEB.DE-Plattform für Freunde und Deine
 Homepage mit eigenem Namen. Jetzt starten! *http://unddu.de/[EMAIL PROTECTED] 
 [http://unddu.de/[EMAIL PROTECTED

Re: Wasp/Swarm: permisson for component of super class

Re: Wasp/Swarm: permisson for component of super class

2 matches

Site Navigation

Mail list logo

Footer information