[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-845) Allow configuration of which actions are restricted for entity security

Gavin King (JIRA) jira-events at lists.jboss.org
Tue Feb 13 20:31:30 EST 2007


    [ http://jira.jboss.com/jira/browse/JBSEAM-845?page=comments#action_12353024 ] 
            
Gavin King commented on JBSEAM-845:
-----------------------------------

Another possibility would be to let the user annotate a listener method, ie:


@Entity
public class Account 
{
    ...
    @Restrict 
    @PreUpdate @PrePersist
    public void beforeWrite() {}
} 


I kinda like that. It's very consistent with what happens for component security.

> Allow configuration of which actions are restricted for entity security
> -----------------------------------------------------------------------
>
>                 Key: JBSEAM-845
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-845
>             Project: JBoss Seam
>          Issue Type: Feature Request
>          Components: Security
>            Reporter: Shane Bryzak
>         Assigned To: Shane Bryzak
>   Original Estimate: 1 hour
>  Remaining Estimate: 1 hour
>
> We really need to be able to configure which entity actions are restricted (and which ones are not) for each restricted entity.  I'm currently thinking of something along the lines of this:
> @Restrict
> @RestrictedActions({READ,DELETE})
> @Name("account")
> public class Account { ... }
> This is necessary so that it's not required to provide security rules for entity actions that are not intended to be restricted.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        



More information about the seam-issues mailing list