[jboss-cvs] jboss-seam/doc/reference/en/modules ...

Shane Bryzak sbryzak at redhat.com
Fri Mar 9 05:43:47 EST 2007 

  User: sbryzak2
  Date: 07/03/09 05:43:47

  Modified:    doc/reference/en/modules  security.xml
  Log:
  JBSEAM-888
  
  Revision  Changes    Path
  1.48      +16 -7     jboss-seam/doc/reference/en/modules/security.xml
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: security.xml
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/doc/reference/en/modules/security.xml,v
  retrieving revision 1.47
  retrieving revision 1.48
  diff -u -b -r1.47 -r1.48
  --- security.xml	27 Feb 2007 07:42:25 -0000	1.47
  +++ security.xml	9 Mar 2007 10:43:47 -0000	1.48
  @@ -717,7 +717,7 @@
      ]]></programlisting>
         
         <para>
  -        And here's an example of an entity permission rule that checks if the authenticated user is allowed to create
  +        And here's an example of an entity permission rule that checks if the authenticated user is allowed to insert
           a new blog entry (from the seamspace example):      
         </para>
         
  @@ -725,15 +725,24 @@
     no-loop
     activation-group "permissions"
   when
  -  c: PermissionCheck(name == "memberBlog", action == "insert", granted == false)
  -  Principal(nm : name)
  -  MemberBlog(mbr : member -> (mbr.getUsername().equals(nm)))
  +  check: PermissionCheck(name == "memberBlog", action == "insert", granted == false)
  +  Principal(name : name)
  +  MemberBlog(member : member -> (member.getUsername().equals(name)))
   then
  -  c.grant();
  -  modify(c);
  +  check.grant();
   end;]]></programlisting>
   
          <para>
  +         This rule will grant the permission <literal>memberBlog:insert</literal> if the currently authenticated
  +         user (indicated by the <literal>Principal</literal> fact) has the same name as the member for which the
  +         blog entry is being created.  The "<literal>name : name</literal>" structure that can be seen in the
  +         <literal>Principal</literal> fact (and other places) is a variable binding - it binds the <literal>name</literal>
  +         property of the <literal>Principal</literal> to a variable called <literal>name</literal>.  Variable bindings
  +         allow the value to be referred to in other places, such as the following line which compares the member's username
  +         to the <literal>Principal</literal> name.  For more details, please refer to the JBoss Rules documentation. 
  +       </para>
  +
  +       <para>
            Finally, we need to install a listener class that integrates Seam security with
            your JPA provider.
          </para>

More information about the jboss-cvs-commits mailing list