[jbossseam-issues] [JBoss JIRA] Updated: (JBSEAM-1018) Allow security checks in component lifecycle methds
[ http://jira.jboss.com/jira/browse/JBSEAM-1018?page=all ]
Christian Bauer updated JBSEAM-1018:
------------------------------------
Priority: Minor (was: Optional)
Upgrading this to minor, I don't see an easy and generic way how else I could check a
users permission to create an entity instance. I don't want to defer checking until
INSERT and I don't want to only hide the UI button or restrict the page access. I have
a single controller method through which all relevant business entities are instantiated,
and I need to assert some stuff into rules working memory in @Create before I do that
check.
I didn't try @Restrict(<some expressions>) and @Create together, because I
don't have the stuff I need to assert in any Seam context at that time.
Allow security checks in component lifecycle methds
---------------------------------------------------
Key: JBSEAM-1018
URL: http://jira.jboss.com/jira/browse/JBSEAM-1018
Project: JBoss Seam
Issue Type: Feature Request
Components: Core
Reporter: Christian Bauer
Priority: Minor
The Component.java.callComponentMethod() is used for lifecycle method calling, such as
@Create methods. It also wraps all exceptions thrown in these methods, or at least casts
them into RuntimeException (even if it already is a RuntimeException). So I can't use
Identity.instance.checkPermission() in a @Create method and have my exception handling
apply to failure. Minimum required: document this.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira