Re: ERDDelayedBooleanAssignment question
Re: ERDDelayedBooleanAssignment question
- Subject: Re: ERDDelayedBooleanAssignment question
- From: Fabian Peters <email@hidden>
- Date: Wed, 24 Feb 2016 10:17:46 +0000
Hi Sébastien,
If you look at ERMDDeleteButton, you'll find that canDelete() does not check the "isEntityDeletable" key. Instead:
return object() != null && object() instanceof ERXGuardedObjectInterface ? ((ERXGuardedObjectInterface)object()).canDelete() : true;
If you're not using the ERXGuardedObjectInterface you could use your own delete button via:
20 : (look = 'ERModernLook' and propertyKey = 'deleteAction') => componentName = "ERMDDeleteButton" [com.webobjects.directtoweb.Assignment]:Default modern button component names
IMHO, ERXGuardedObjectInterface can help you keep business logic out of the rules. I use a delegate on a common EO superclass with it to handle logic that is the same for all EOs.
Fabian
> Am 23.02.2016 um 09:05 schrieb Sébastien Rottiers <email@hidden>:
>
> Forget my previous post, in fact, it doesn’t work for me (I had forgotten to remove the clear d2w cache by the code, thing that doesn’t work in deployment).
>
>> Le 23 févr. 2016 à 09:42, Sébastien Rottiers <email@hidden> a écrit :
>>
>> Thanks for the replies !
>>
>> I just test your first solution Mark and it works like a charm !
>>
>> Sébastien
>>
>>> Le 22 févr. 2016 à 22:47, Mark Wardle <email@hidden> a écrit :
>>>
>>> I wonder whether your rules are being cached.
>>>
>>> I do this instead:
>>>
>>> 100 : entity.name like 'Result*' => isEntityDeletable = "session.authenticatedUser.role.isSystem" [er.directtoweb.ERDDelayedKeyValueAssignment]
>>>
>>> or
>>>
>>> 100 : entity.name = 'Seizure' => isEntityEditable = "object.summaryEpilepsy.patient.security.PATIENT_EDIT" [er.directtoweb.ERDDelayedKeyValueAssignment]
>>>
>>> where a security property on the patient entity supports arbitrary key paths that correspond with a specific permission.
>>>
>>> Mark
>>>
>>>> On 22 Feb 2016, at 13:56, Sébastien Rottiers <email@hidden> wrote:
>>>>
>>>> Hello,
>>>>
>>>> I have two rules to control the access write of my users (isEntityEditable and isEntityDeletable). Here is these rules :
>>>>
>>>> 100 : *true* => isEntityEditable = {"conditionKey" = "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment],
>>>> 100 : *true* => isEntityDeletable = {"conditionKey" = "session.userConnected.isAdmin"; "falseValue" = "0"; "trueValue" = "1"; } [er.directtoweb.assignments.delayed.ERDDelayedBooleanAssignment],
>>>>
>>>> It works properly for isEntityEditable (if I login with an admin account I can edit the EOs, and if I logout and login with a non admin user I can’t edit EOs). But for isEntityDeletable the issue is : on the List pages (ERModernLook) I already visited, when I logout/login from admin to non admin, the delete button is still displayed. And in dev mode if I clear the D2W cache, the delete button disappear as expected.
>>>>
>>>> Am I missing something ?
>>>>
>>>> Thanks,
>>>> Sébastien
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Do not post admin requests to the list. They will be ignored.
>>>> Webobjects-dev mailing list (email@hidden)
>>>> Help/Unsubscribe/Update your Subscription:
>>>>
>>>> This email sent to email@hidden
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Webobjects-dev mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden