[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-794) @Restrict should allow for post method invocation checking
Darryl Smith (JIRA)
jira-events at lists.jboss.org
Fri Feb 9 00:42:30 EST 2007
[ http://jira.jboss.com/jira/browse/JBSEAM-794?page=comments#action_12352697 ]
Darryl Smith commented on JBSEAM-794:
-------------------------------------
Yes, you can call Identity directly, but when unit testing do i really want to have to set this up? Ideally you would want to test security and business logic separately
> @Restrict should allow for post method invocation checking
> ----------------------------------------------------------
>
> Key: JBSEAM-794
> URL: http://jira.jboss.com/jira/browse/JBSEAM-794
> Project: JBoss Seam
> Issue Type: Feature Request
> Components: Security
> Affects Versions: 1.1.6.GA
> Reporter: Darryl Smith
>
> The Restrict annotation should allow for post method invocation checking
> The use case for this would be loading an entity. You don't know until after you load the entity it whether or not the user has access to it. The only way to do this now is to call Identity.instance().checkRestriction(...). or injecting the Identity and calling the checkRestriction method. Either way this adds additional setup for unit testing.
> If @Restrict("..", after="true") or something similar was available, testing is "easier".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list