You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Andrea Jahn <an...@web.de> on 2008/06/06 11:57:07 UTC
Wasp/Swarm: permisson for component of super class
Hi,
In our application we have the super class SecuredBasePage for all the pages.
This class contains the menu. It depends on the logged in user, which of the
main menus (containing the menu entries) are visible.
So I created a SecureWebMarkupContainer for each main menu.
But now I have to add a permission for one allowed main menu for each page into the policy file.
These are a lot of entries and heavy to keep up to date.
If a user has the permission for a certain main menu, he has that permission for each page.
Is it possible to set one permission for a certain main menu, which is valid for all pages ?
Code:
SecuredBasePage.html
-----------------------------
<ul>
<li wicket:id="menuUsers"><span></span><a href="#">Users</a>
<ul>
<li><span></span><a href="#" wicket:id="linkToPersonList">User List</a></li>
<li><span></span><a href="#" wicket:id="linkToAddPerson">Add user</a></li>
</ul>
</li>
...
SecuredBasePage.java
-----------------------------
public abstract class SecuredBasePage extends SecureWebPage
{
public SecuredBasePage()
{
super();
addLinks();
...
}
protected void addLinks()
{
// add main menu list items via wicket and not only pure html code for authorization
SecureWebMarkupContainer menuUsers = new SecureWebMarkupContainer("menuUsers");
SecureBookmarkablePageLink link1 =
new SecureBookmarkablePageLink("linkToPersonList", PersonListPage.class);
SecureBookmarkablePageLink link2 =
new SecureBookmarkablePageLink("linkToAddPerson", PersonEditPage.class);
link1.setAutoEnable(true);
link2.setAutoEnable(true);
menuUsers.add(link1);
menuUsers.add(link2);
add(menuUsers);
...
}
...
}
Welcome.java
-----------------
public class Welcome extends SecuredBasePage
{
...
}
PersonListPage.java
--------------------------
public class PersonListPage extends SecuredBasePage
{
...
}
PersonEditPage.java
--------------------------
public class PersonEditPage extends SecuredBasePage
{
...
}
policy file:
------------
permission ${ComponentPermission} "${front}.Welcome", "render";
permission ${ComponentPermission} "${front}.Welcome", "enable";
permission ${ComponentPermission} "${front}.PersonListPage", "render";
permission ${ComponentPermission} "${front}.PersonListPage", "enable";
permission ${ComponentPermission} "${front}.PersonEditPage", "render";
permission ${ComponentPermission} "${front}.PersonEditPage", "enable";
...
permission ${ComponentPermission} "${front}.Welcome:menuUsers", "inherit, render";
permission ${ComponentPermission} "${front}.PersonListPage:menuUsers", "inherit, render";
permission ${ComponentPermission} "${front}.PersonEditPage:menuUsers", "inherit, render";
....
Thanks
Andrea
EINE FÜR ALLE: die kostenlose WEB.DE-Plattform für Freunde und Deine
Homepage mit eigenem Namen. Jetzt starten! *http://unddu.de/?kid=kid@mf2* [http://unddu.de/?kid=kid@mf2]
Re: Wasp/Swarm: permisson for component of super class
Posted by Maurice Marrink <ma...@gmail.com>.
Well assuming you are only using a securewebmarkupcontainer to hide
the entire menu if a user as no permissions for any of the pages
accessible from that menu.
Otherwise there really is no need since the links will be hidden.
Then you have a couple of options.
-Use a datapermission for each swmc
-Use a specific class for each swmc e.g. class UserMenu extends
SecureWebMarkupContainer and add something like the following in your
policy permission ${ComponentPermission} "${package}.UserMenu",
"inherit, render";
You can ofcourse use SWMC without subclassing but then every SWMC
would be authorized not just the menu.
-Don't use security directly to handle visibility in this case. In our
app we used the following technique to hide the container if none of
its childcomponents are visible.
In the WebMarkupContainer:
protected void onBeforeRender()
{
Boolean result = (Boolean)
visitChildren(SecureBookmarkablePageLink.class, new IVisitor()
{
/**
* @see org.apache.wicket.Component.IVisitor#component(org.apache.wicket.Component)
*/
@Override
public Object component(Component component)
{
SecureBookmarkablePageLink link = (SecureBookmarkablePageLink) component;
if (link
.isActionAuthorized(getAction(Render.class)))
return true;
return null; // continue
}
});
if (result != null && result)
setVisible(true);
else
setVisible(false);
super.onBeforeRender();
}
Hope this answers your question.
Maurice
On Fri, Jun 6, 2008 at 11:57 AM, Andrea Jahn <an...@web.de> wrote:
>
>
>
>
> Hi,
>
> In our application we have the super class SecuredBasePage for all the pages.
> This class contains the menu. It depends on the logged in user, which of the
> main menus (containing the menu entries) are visible.
> So I created a SecureWebMarkupContainer for each main menu.
>
> But now I have to add a permission for one allowed main menu for each page into the policy file.
> These are a lot of entries and heavy to keep up to date.
>
> If a user has the permission for a certain main menu, he has that permission for each page.
> Is it possible to set one permission for a certain main menu, which is valid for all pages ?
>
>
> Code:
>
> SecuredBasePage.html
> -----------------------------
>
>
> <ul>
> <li wicket:id="menuUsers"><span></span><a href="#">Users</a>
> <ul>
> <li><span></span><a href="#" wicket:id="linkToPersonList">User List</a></li>
> <li><span></span><a href="#" wicket:id="linkToAddPerson">Add user</a></li>
> </ul>
> </li>
> ...
>
>
> SecuredBasePage.java
> -----------------------------
>
> public abstract class SecuredBasePage extends SecureWebPage
> {
>
> public SecuredBasePage()
> {
> super();
>
> addLinks();
> ...
> }
>
>
> protected void addLinks()
> {
>
> // add main menu list items via wicket and not only pure html code for authorization
> SecureWebMarkupContainer menuUsers = new SecureWebMarkupContainer("menuUsers");
>
> SecureBookmarkablePageLink link1 =
> new SecureBookmarkablePageLink("linkToPersonList", PersonListPage.class);
> SecureBookmarkablePageLink link2 =
> new SecureBookmarkablePageLink("linkToAddPerson", PersonEditPage.class);
>
> link1.setAutoEnable(true);
> link2.setAutoEnable(true);
>
> menuUsers.add(link1);
> menuUsers.add(link2);
> add(menuUsers);
> ...
> }
> ...
>
> }
>
>
> Welcome.java
> -----------------
> public class Welcome extends SecuredBasePage
> {
> ...
> }
>
> PersonListPage.java
> --------------------------
> public class PersonListPage extends SecuredBasePage
> {
> ...
> }
>
> PersonEditPage.java
> --------------------------
> public class PersonEditPage extends SecuredBasePage
> {
> ...
> }
>
>
> policy file:
> ------------
> permission ${ComponentPermission} "${front}.Welcome", "render";
> permission ${ComponentPermission} "${front}.Welcome", "enable";
>
> permission ${ComponentPermission} "${front}.PersonListPage", "render";
> permission ${ComponentPermission} "${front}.PersonListPage", "enable";
>
> permission ${ComponentPermission} "${front}.PersonEditPage", "render";
> permission ${ComponentPermission} "${front}.PersonEditPage", "enable";
> ...
>
> permission ${ComponentPermission} "${front}.Welcome:menuUsers", "inherit, render";
> permission ${ComponentPermission} "${front}.PersonListPage:menuUsers", "inherit, render";
> permission ${ComponentPermission} "${front}.PersonEditPage:menuUsers", "inherit, render";
> ....
>
> Thanks
>
> Andrea
>
>
>
>
>
> EINE FÜR ALLE: die kostenlose WEB.DE-Plattform für Freunde und Deine
> Homepage mit eigenem Namen. Jetzt starten! *http://unddu.de/?kid=kid@mf2* [http://unddu.de/?kid=kid@mf2]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org