[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-845) Allow configuration of which actions are restricted for entity security
[ http://jira.jboss.com/jira/browse/JBSEAM-845?page=all ]
Shane Bryzak closed JBSEAM-845.
-------------------------------
Fix Version/s: 1.1.7.GA
Resolution: Done
Implemented in CVS, documentation updated. Fine-grained entity security can now be
implemented by annotating a method (instead of the entity class itself) like this:
@PrePersist @Restrict prePersist() {}
Allow configuration of which actions are restricted for entity
security
-----------------------------------------------------------------------
Key: JBSEAM-845
URL: http://jira.jboss.com/jira/browse/JBSEAM-845
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Reporter: Shane Bryzak
Assigned To: Shane Bryzak
Fix For: 1.1.7.GA
Original Estimate: 1 hour
Remaining Estimate: 1 hour
We really need to be able to configure which entity actions are restricted (and which
ones are not) for each restricted entity. I'm currently thinking of something along
the lines of this:
@Restrict
@RestrictedActions({READ,DELETE})
@Name("account")
public class Account { ... }
This is necessary so that it's not required to provide security rules for entity
actions that are not intended to be restricted.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira