Re: Authorisation in Tapestry Applications

Sun, 26 Nov 2017 15:09:34 -0800 

Hi Basile,

Thanks for replying.  Yes, I'd discovered Tynamo, but wondered whether it
might be overkill given that I'd already inherited authentication code
from the Tapestry Hotel demo app.

It wasn't clear on the Tynamo site how Tynamo acquires permissions from my
(attached) 'role' table.  And if I have to write code to do this, then why
I need Tynamo rather than just creating a method in my user entity class
along the lines of...

  if(currentUser.isPermitted("company:create")){

    //Show create company button

  }
  else{

    //Grey out or hide create company button

  }

Regards,

Chris.


> http://www.tynamo.org/tapestry-security+guide/
>
> https://tapestry.apache.org/security.html
>
> Le 26/11/2017 à 05:16, Christopher Dodunski a écrit :
>> Hi All,
>>
>> The Tapestry Hotel demo app has proven a good lesson in implementing
>> AUTHENTICATION.  Having developed a multi-user Tapestry app, I now need
>> to
>> implement AUTHORISATION, but the Hotel demo app is aimed at just one
>> user
>> type: visitors.
>>
>> I created a role table in my Tapestry application (screenshot attached).
>> Permissions are specified in terms of CRUD actions, meaning there are
>> four
>> columns for each domain (Hibernate) entity: e.g. CAN_CREATE_USER,
>> CAN_READ_USER, CAN_UPDATE_USER, CAN_DELETE_USER, etc.
>>
>> The Hotel demo app enforces authentication by including or excluding the
>> @AnonymousAccess annotation on page classes.  I imagine enforcing page
>> authorisation could be done similarly, using a single annotation.  This
>> could prevent users lacking the necessary privilege from accessing
>> certain
>> pages, for instance 'pages/DeleteUser.java'.  Ideally, though, it would
>> be
>> desirable to also prevent users from navigating to such pages in the
>> first
>> place.  Either the PageLink icon is greyed out, or there is no link.
>>
>> I am seeking some direction - perhaps even some example code - in how to
>> have my Tapestry application enforce the privileges specified in my role
>> table.
>>
>> Thanks & regards,
>>
>> Chris.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
>> For additional commands, e-mail: users-h...@tapestry.apache.org
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org

Reply via email to