That would work. The trick is that I need to compute the permissions
dynamically. I'll have to add in more code to handle those types of
wildcard permissions. I was hoping for something much more similar to
what I can use with the @RequiresPermissions check. But since I don't
have an invocation, that looks like what I'll have to do.
On 05/30/2013 11:34 AM, Dmitry Gusev wrote:
You don't have invocation here, because you're rendering.
And you should know what you're rendering, so you should be able to do this:
<t:security.hasPermission permission="${myPermission}">
and in Java:
public String getMyPermission()
{
return "some:permission:" + instance.getId();
}
will this work?
On Thu, May 30, 2013 at 8:29 PM, Richard Frovarp <rfrov...@apache.org>wrote:
I'm using the Tynamo tapestry-security library to great success. I've been
progressing through the instance level pieces and things are going well.
I've ran into a bit of a problem however. I can do the instance level
checks with @RequiresPermissions on functions just fine. That is populating
the Environment service with the MethodInvocation. All is well. I can
either get the method, or the instance, and proceed to do my security
checks.
The problem I'm running into is with the soft checks, in particular
<t:security.hasPermission permission="some:permission"> where I want to
decide if a link should be shown or not.
That will trigger the checks, however, that doesn't populate the
Environment with the MethodInvocation. So I have no way of telling what is
being checked.
Is there a way to get the current invocation without going through the
environment service? Or should I come up with my own annotation, turn the
security annotation into if checks, and use the advise pieces to put the
invocation into the environment?
This section of Tapestry is still confusing to me, so I hope that my
question makes sense.
Thanks,
Richard
------------------------------**------------------------------**---------
To unsubscribe, e-mail:
users-unsubscribe@tapestry.**apache.org<users-unsubscr...@tapestry.apache.org>
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
