On 8/27/07, Erik Vullings <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Just wondering - when dealing with page authorizations, does this model
> expand to component authorizations, i.e. you may visit the page, but not
> certain components (redirect to another component), or you can see a
> component, but with less privileges (e.g. view but not edit). In other
> words, how would you deal with CRUD (create, read, update, delete)
> role-based authorization on a component level?
I'd say it's up to the component. I've just added two new components
in tapestry5-acegi, called IfLoggedIn and IfRole, which can be used in
components such as:
<t:security.ifloggedin>
You are logged in, welcome!
<t:security.ifrole role="ROLE_ADMIN">
You are even logged as admin, cool!
<t:parameter name="else">
Sorry, you don't have admin credentials.
</t:parameter>
</t:security.ifrole>
<a t:type="actionlink" t:id="logout">Logout</a>
<t:parameter name="else">
Not logged in, please <t:pagelink
t:page="LoginPage">do</t:pagelink>.
</t:parameter>
</t:security.ifloggedin>
--
regards,
Robin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
