This blog is mainly about Java...

Tuesday, July 14, 2009

Injecting checking of roles in Seam

It is well known that you can perform
#{s:hasRole('admin')}
on the view.
You can easily check for the role of the logged in user, by injecting the same thing.

@In(value = "#{s:hasRole('admin')}")
private boolean isAdmin;
If the user has a role of admin the boolean is set to true. You can also use the static method,
Identity.instance().checkRole("admin");

But the former is nicer right?

2 comments:

Shane said...

You can also use the @Admin annotation (or any other annotation meta-annotated with @RoleCheck).

Shervin Asgari said...

Hi Shane.
RoleChecking is for restricting a component to that role. In this example, all I wanted to know is if someone is actually a particular role or not, but not prevent them from actually using the component.

For instance.
(if admin)
//do this
else
//do that.

Also one other thing you must remember with @RoleCheck, and that is that you cannot propagate roles. You cannot say @Admin or @User. If you put @Admin and @User in your component, they have to be both those role.
To get around that you can use the @Restrict("#{s:hasRole('admin') or s:hasRole('user')}")

Labels