[rules-users] Newbie question: can I create a variable in the rules file?
Rented User
rented at gmail.com
Thu Mar 8 03:36:01 EST 2007
Hi,
I'm mew to this rules stuff, and although I've looked at rules engines such
as Corticon before, I got introduced to JBoss Rules through JBoss Seam's
security mechanism.
I'm trying to expand on Seam's built in functionality to assess a user's
permissions. My use case is that a user of the system may or may not have
permission to a resource based on the user's role AND the current date. The
system accepts certain actions only if "now" is between a certain start and
end date. What I'd like to do is something like this:
rule CanDoHisStuff
activation-group "permissions"
when
c: PermissionCheck(name == "stuff", action == "do", granted = false)
now: new Date()
<--------------------------------------------------------------How can I
accomplish this?
ap: AppProps()
Role(name == "A Role")
eval(now >= ap.startDate, now <= ap.endDate)
then
c.grant();
end;
Now, I understand that in my code, I could assert an object "now". However,
a lot of the security is hidden behind the scenes in Seam. For example, this
rules will be fired from an XML definition file. E.g.
<page view-id="/restricted/doStuff.xhtml">
<restrict>#{s:hasPermission('stuff', 'do', null)}</restrict>
<navigation from-action="#{createStuffManager.yesConfirmSave}">
<end-conversation/>
<redirect view-id="/restricted/viewStuff.xhtml"/>
</navigation>
</page>
While I could start extending Seam's security model, that seems a bit
invasive for such a simple task.
Thanks
/Kris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/rules-users/attachments/20070308/977a3f92/attachment.html
More information about the rules-users
mailing list