You can also use a regex: getUser().hasRole(".*YOUR_ROLE") if I'm correct.
Cheers, Jeroen On 23 Oct 2014 17:00, <johandoornen...@filternet.nl> wrote: > Hi Dan, > > > > This is working fine!! > > > > Maybe it is worthwhile to mention in the documentation that the > getUser().hasRole(..) now needs "isisModuleSecurityRealm:ROLE-HERE" as an > argument instead of just "ROLE-HERE? > > > > Greetz, Johan > > > > > You'll need a property on each instance to indicate its owner. You can > then use a disabled() or hidden() methods to make the object read-only or > to hide it completely. > > There were a couple of pages on the Isis website about this, I've just > updated them with examples for this use case [1],[2] > > HTH > Dan > > [1] > > http://isis.apache.org/more-advanced-topics/how-to-02-040-How-to-specify-that-none-of-an-object's-members-is-visible.html > [2] > > http://isis.apache.org/more-advanced-topics/how-to-02-080-How-to-specify-that-none-of-an-object's-members-can-be-modified-or-invoked.html > > > > On 23 October 2014 10:21, wrote: > > > I am looking for a way to implement a class in such a way that an > > authenticated user (using Isis security add-on) can only modify instances > > created by the user self. Anybody who done this before or has some hints > > for me? > > > > > > > > tnx Johan > > > > > > > > > > > >