Ah bugger, it always happens after sending to a list or forum. Found a suitable response to try from Listing 3.25 from Igor's book.
e.g. Object onActivate(Long articleId) { this.article = blogService.findArticleById(articleId); if (this.article == null) { return new StreamPageContent(ErrorPage.class); } return null; } Looks like I can return an Object/Page Thanks On Mon, Jun 23, 2014 at 1:51 PM, Chris Mylonas <ch...@opencsta.org> wrote: > Hi Tapestry Users, > > Whilst waiting for customs clearance in a Fijian port, I have a query. > > I'm extending my sample application's use of security for experimenting > with. > > I have a UserProfile class currently with annotation > @RequiresRoles("admin") and that works great. > > Using @RequiresPermissions however on the class is not possible because I > need to do something like @RequriesPermissions("profile:edit:" = userId) > for the current user. > > I'm getting by for the moment in onActivate like such: > > void onActivate(Long id) { > if(SecurityUtils.getSubject().isPermitted("profile:edit:" + id) ){ > currentUser = userService.getById(id); > userProfile = > userProfileService.getByUserId(currentUser.getId()); > } > else if (SecurityUtils.getSubject().hasRole("admin")){ > currentUser = userService.getById(id); > userProfile = > userProfileService.getByUserId(currentUser.getId()); > } > else { > logger.info("T H I S U S E R I S N O T P E R M I T T > E D"); > } > } > > > In my else, I'd like to redirect to a page, "you don't have permissions > for this action". > > All examples I've come across show setupRender() returning void or a > boolean, and onActivate() returning void. > > How would I redirect the tapestry way? > > Thanks > Chris > >