[jboss-cvs] jboss-seam/doc/reference/en/modules ...
Shane Bryzak
sbryzak at redhat.com
Fri Mar 9 05:43:47 EST 2007
User: sbryzak2
Date: 07/03/09 05:43:47
Modified: doc/reference/en/modules security.xml
Log:
JBSEAM-888
Revision Changes Path
1.48 +16 -7 jboss-seam/doc/reference/en/modules/security.xml
(In the diff below, changes in quantity of whitespace are not shown.)
Index: security.xml
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/doc/reference/en/modules/security.xml,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -b -r1.47 -r1.48
--- security.xml 27 Feb 2007 07:42:25 -0000 1.47
+++ security.xml 9 Mar 2007 10:43:47 -0000 1.48
@@ -717,7 +717,7 @@
]]></programlisting>
<para>
- And here's an example of an entity permission rule that checks if the authenticated user is allowed to create
+ And here's an example of an entity permission rule that checks if the authenticated user is allowed to insert
a new blog entry (from the seamspace example):
</para>
@@ -725,15 +725,24 @@
no-loop
activation-group "permissions"
when
- c: PermissionCheck(name == "memberBlog", action == "insert", granted == false)
- Principal(nm : name)
- MemberBlog(mbr : member -> (mbr.getUsername().equals(nm)))
+ check: PermissionCheck(name == "memberBlog", action == "insert", granted == false)
+ Principal(name : name)
+ MemberBlog(member : member -> (member.getUsername().equals(name)))
then
- c.grant();
- modify(c);
+ check.grant();
end;]]></programlisting>
<para>
+ This rule will grant the permission <literal>memberBlog:insert</literal> if the currently authenticated
+ user (indicated by the <literal>Principal</literal> fact) has the same name as the member for which the
+ blog entry is being created. The "<literal>name : name</literal>" structure that can be seen in the
+ <literal>Principal</literal> fact (and other places) is a variable binding - it binds the <literal>name</literal>
+ property of the <literal>Principal</literal> to a variable called <literal>name</literal>. Variable bindings
+ allow the value to be referred to in other places, such as the following line which compares the member's username
+ to the <literal>Principal</literal> name. For more details, please refer to the JBoss Rules documentation.
+ </para>
+
+ <para>
Finally, we need to install a listener class that integrates Seam security with
your JPA provider.
</para>
More information about the jboss-cvs-commits
mailing list