aspose file tools*
The moose likes JSF and the fly likes Restricting access to data in JSF form: Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "Restricting access to data in JSF form:" Watch "Restricting access to data in JSF form:" New topic
Author

Restricting access to data in JSF form:

Sandeep GoudK
Greenhorn

Joined: Sep 19, 2012
Posts: 5
I need to restrict access to data in the form depending on some condition.

For example account1 “balanceAmount” can be shown and editable to user(ex:$1000), whereas account2 “balanceAmount” can only be displayed as non editable "xxx-xx" in place of actual amount. So basically I have the same jsp page and show "balanceAmount" depending on account type.

I wondered whats the best approach to implement this kind of field level security?

I was thinking of having a composite component which accepts condition and balanceAmount objects, based on account type I will display outputText with static text "xxx-xx" and inputText with balanceAmount bound to its value attribute.
Sample code attached below:

//Composite component code
<composite:interface>
<composite:attribute name="condition" />
<composite:attribute name="balanceAmount" />
</composite:interface>
<composite:implementation>
<hutputText value="xxx-xx-xxx" rendered="#{cc.attrs.condition}" />
<p:inputText value="#{cc.attrs.balanceAmount}" rendered="#{!cc.attrs.condition}">
<f:convertNumber type="currency" />
</p:inputText>
</composite:implementation>

//Using composite component
<util:input id="accountBalance" condition="#{account.vipCustomer}"
balanceAmount="#{account.accountBalance}" />

//Account bean
public class Account implements Serializable {

private double accountBalance;

private boolean vipCustomer = false;

getter's and setter's goes here.....
}

Is it the safe approach, will there be any maintainence or upgradation issues.
Is there a better way? Thanks for any input.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Restricting access to data in JSF form: