Hi,
I'm mew to this rules stuff, and although I've looked at rules engines such as Corticon before, I got introduced to JBoss Rules through JBoss Seam's security mechanism.
I'm trying to expand on Seam's built in functionality to assess a user's permissions. My use case is that a user of the system may or may not have permission to a resource based on the user's role AND the current date. The system accepts certain actions only if "now" is between a certain start and end date. What I'd like to do is something like this:
rule CanDoHisStuff
activation-group "permissions"
when
c: PermissionCheck(name == "stuff", action == "do", granted = false)
now: new Date() <--------------------------------------------------------------How can I accomplish this?
ap: AppProps()
Role(name == "A Role")
eval(now >= ap.startDate, now <= ap.endDate)
then
c.grant();
end;
Now, I understand that in my code, I could assert an object "now". However, a lot of the security is hidden behind the scenes in Seam. For example, this rules will be fired from an XML definition file.
E.g.
<page view-id="/restricted/doStuff.xhtml">
<restrict>#{s:hasPermission('stuff', 'do', null)}</restrict>
<navigation from-action="#{
createStuffManager.yesConfirmSave}">
<end-conversation/>
<redirect view-id="/restricted/viewStuff.xhtml"/>
</navigation>
</page>
While I could start extending Seam's security model, that seems a bit invasive for such a simple task.
Thanks
/Kris