Hi Tapestry Users, Whilst waiting for customs clearance in a Fijian port, I have a query.
I'm extending my sample application's use of security for experimenting with. I have a UserProfile class currently with annotation @RequiresRoles("admin") and that works great. Using @RequiresPermissions however on the class is not possible because I need to do something like @RequriesPermissions("profile:edit:" = userId) for the current user. I'm getting by for the moment in onActivate like such: void onActivate(Long id) { if(SecurityUtils.getSubject().isPermitted("profile:edit:" + id) ){ currentUser = userService.getById(id); userProfile = userProfileService.getByUserId(currentUser.getId()); } else if (SecurityUtils.getSubject().hasRole("admin")){ currentUser = userService.getById(id); userProfile = userProfileService.getByUserId(currentUser.getId()); } else { logger.info("T H I S U S E R I S N O T P E R M I T T E D"); } } In my else, I'd like to redirect to a page, "you don't have permissions for this action". All examples I've come across show setupRender() returning void or a boolean, and onActivate() returning void. How would I redirect the tapestry way? Thanks Chris