[jbossseam-issues] [JBoss JIRA] Created: (JBSEAM-794) @Restrict should allow for post method invocation checking
4:22 a.m.
@Restrict should allow for post method invocation checking
----------------------------------------------------------
Key: JBSEAM-794
URL: http://jira.jboss.com/jira/browse/JBSEAM-794
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Affects Versions: 1.1.6.GA
Reporter: Darryl Smith
The Restrict annotation should allow for post method invocation checking
The use case for this would be loading an entity. You don't know until after you load
the entity it whether or not the user has access to it. The only way to do this now is to
call Identity.instance().checkRestriction(...). or injecting the Identity and calling the
checkRestriction method. Either way this adds additional setup for unit testing.
If @Restrict("..", after="true") or something similar was available,
testing is "easier".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:24 a.m.
New subject: [jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-794) @Restrict should allow for post method invocation checking
[ http://jira.jboss.com/jira/browse/JBSEAM-794?page=all ]
Gavin King closed JBSEAM-794.
-----------------------------
Resolution: Won't Fix
Call Identity directly.
@Restrict should allow for post method invocation checking
----------------------------------------------------------
Key: JBSEAM-794
URL: http://jira.jboss.com/jira/browse/JBSEAM-794
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Affects Versions: 1.1.6.GA
Reporter: Darryl Smith
The Restrict annotation should allow for post method invocation checking
The use case for this would be loading an entity. You don't know until after you load
the entity it whether or not the user has access to it. The only way to do this now is to
call Identity.instance().checkRestriction(...). or injecting the Identity and calling the
checkRestriction method. Either way this adds additional setup for unit testing.
If @Restrict("..", after="true") or something similar was available,
testing is "easier".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:42 a.m.
New subject: [jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-794) @Restrict should allow for post method invocation checking
[ http://jira.jboss.com/jira/browse/JBSEAM-794?page=comments#action_12352697 ]
Darryl Smith commented on JBSEAM-794:
-------------------------------------
Yes, you can call Identity directly, but when unit testing do i really want to have to set
this up? Ideally you would want to test security and business logic separately
@Restrict should allow for post method invocation checking
----------------------------------------------------------
Key: JBSEAM-794
URL: http://jira.jboss.com/jira/browse/JBSEAM-794
Project: JBoss Seam
Issue Type: Feature Request
Components: Security
Affects Versions: 1.1.6.GA
Reporter: Darryl Smith
The Restrict annotation should allow for post method invocation checking
The use case for this would be loading an entity. You don't know until after you load
the entity it whether or not the user has access to it. The only way to do this now is to
call Identity.instance().checkRestriction(...). or injecting the Identity and calling the
checkRestriction method. Either way this adds additional setup for unit testing.
If @Restrict("..", after="true") or something similar was available,
testing is "easier".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6558
days inactive
6559
days old
2 comments
3 participants
participants (3)
-
Darryl Smith (JIRA) -
Darryl Smith (JIRA) -
Gavin King (JIRA)