tapestry-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From robe...@scazdl.org
Subject Re: render time element removal question
Date Fri, 02 Sep 2005 16:45:50 GMT
To be honest, personally, I don't think that approach is really going to
mix well with tapestry.  As was mentioned by HLS in a recent thread, you
should consider pages at runtime as immutable.  Removing elements will
prove problematic, I think.
An approach I used was to create a sort of "inRole" component.  It takes
as parameters either a requisite permission name or an object for which
permission is required.  It's essentially an "if" wrapper, but has the
advantage of centralizing the render-oriented permission logic to a single
component.
You could also create custom wrappers around any components.  So you
could, for instance, create a "SecureTable" component which wraps a table
component, adds parameters related to permission checking, and
conditionally renders the component. Then you could use your SecureTable
just like table, and still have your dynamic behavior.... static
structure, dynamic behavior. :)

Robert

> I'm wondering if anyone has impemented a security model that requires
> dynamic (render-time) removal of certain HTML elements? And if so, how
> hefty
> was the work? I need to remove elements at render time based upon roles
> and
> rights and *do not* want to wrap all of the secure elements in
> conditionals.
> Rather, I'd wish to determine at render time the necessity of removing
> certain elements and simply not render them.
>
> TIA,
> -RR-
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tapestry-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tapestry-user-help@jakarta.apache.org


Mime
View raw message