cayenne-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aristedes Maniatis <...@ish.com.au>
Subject Re: security
Date Thu, 01 Feb 2007 02:39:12 GMT

On 01/02/2007, at 12:11 PM, Carl Mosca wrote:

> Your app makes me wonder how cayenne handles views.

Our application uses the essence of a MVC framework, however we have  
created our own basic GUI elements subclassing JTextArea, JButton,  
etc, etc. These components have additional property keys which we set  
(using the Netbeans Matisse Swing editor) to tie them back to Cayenne  
field property keys. Of course events and controllers hold all this  
glue together. So, because each GUI component 'knows' what Cayenne  
field it maps to, lots of interesting functionality is possible,  
including validation display and formatting.

So we could very easily map access control onto these fields without  
much drama, but I just can't see how that translates to a usable GUI  
with various fields missing or greyed out depending on access rights  
to that component. Better for us to look at security from a GUI  
perspective (tabs, panels, etc) and be diligent about testing how  
that access is enabled across the application. This means that it  
effectively has nothing to do with Cayenne.

Ari Maniatis



-------------------------->
ish
http://www.ish.com.au
Level 1, 30 Wilson Street Newtown 2042 Australia
phone +61 2 9550 5001   fax +61 2 9550 4001
GPG fingerprint CBFB 84B4 738D 4E87 5E5C  5EFA EF6A 7D2E 3E49 102A



Mime
View raw message