isis-users mailing list archives

From Kevin Meyer <>
Subject Re: Can I make a specific class instance editable, all others not?
Date Thu, 24 Aug 2017 06:17:23 GMT
Hi Steve,

Why not use the isis-addons security module to only authorise users to edit their own profile?

In the past, I have implemented such security directly in the domain objects by using the
isVisible() and disabled() methods on actions (or class level, depending) and then working
with the session username...


On 24 August 2017 06:14:47 CEST, Stephen Cameron <> wrote:
>I have implemented an extended version of ApplicationUser class called
>MyApplicationUser to allow users to add more information to their
>in my web-app. They self-enrol (via initial entry of an email address,
>following a link in an email sent to that address [1]) and then add
>details once they've created a user account.
>I now make use of the class MyApplicationUser more widely in the
>application but this leads to the problem that one user can modify the
>profile of another. Using the security module we can make all classes,
>instances of a class VIEWING or CHANGING. It must be the latter to be
>to change their own record, but generally it should be VIEWING only. Is
>there a way to achieve this?
>My alternative is to make use of the MyApplicationUser entity but to
>display its property values as a read-only view-model when necessary,
>is, as a derived property. At the moment, I am having some problems
>this approach in terms of displaying collections of MyApplicationUser
>collections (of more view models) in the view-model class.
>I was creating my view-model as a wrapper around a persistent entity,
>worked in the past but not working in this case, with some strange
>like "Failed title". So setting actual properties in the view-model
>(rather than making all getters call a getter of the wrapped object)
>be necessary to take full advantage of session caching of view model
>I think using the view model approach might be the solution.

Sent from my Android device with K-9 Mail. Please excuse my brevity.
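
The per-instance check described in the reply above, as an added example that is not code from this thread or from Apache Isis: a plain-Java sketch of an entity whose edit action is disabled unless the session user owns the instance. The field and action names are hypothetical, and the `Supplier<String>` is an assumed stand-in for however the application looks up the session username.

```java
import java.util.function.Supplier;

// Hypothetical entity; names are assumptions, not taken from the thread.
public class MyApplicationUser {
    private final String username;                  // account that owns this profile
    private String phone;
    private final Supplier<String> sessionUsername; // assumed stand-in for the session-user lookup

    public MyApplicationUser(String username, Supplier<String> sessionUsername) {
        this.username = username;
        this.sessionUsername = sessionUsername;
    }

    public String getUsername() { return username; }
    public String getPhone() { return phone; }

    // Action: change a profile detail.
    public MyApplicationUser updatePhone(String newPhone) {
        // Re-check inside the action so callers that bypass the UI are refused too.
        String reason = disableUpdatePhone();
        if (reason != null) throw new IllegalStateException(reason);
        this.phone = newPhone;
        return this;
    }

    // Supporting method in the disableXxx() style: null means enabled,
    // a non-null string is the reason the action is disabled.
    public String disableUpdatePhone() {
        String current = sessionUsername.get();
        if (current == null || current.isEmpty()) {
            return "No authenticated user";          // fail closed when there is no session
        }
        return current.equals(username) ? null : "You can only edit your own profile";
    }

    public static void main(String[] args) {
        String[] session = {"alice"};                // constructed sample session state
        MyApplicationUser alice = new MyApplicationUser("alice", () -> session[0]);

        System.out.println("alice as alice: " + alice.disableUpdatePhone()); // null = editable
        alice.updatePhone("555-0100");

        session[0] = "bob";
        System.out.println("alice as bob:   " + alice.disableUpdatePhone());
        try {
            alice.updatePhone("555-0199");
        } catch (IllegalStateException e) {
            System.out.println("refused: " + e.getMessage());
        }

        session[0] = null;
        System.out.println("no session:     " + alice.disableUpdatePhone());
        System.out.println("phone unchanged: " + alice.getPhone());
    }
}
```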