Secure Module Problem
68 views
Skip to first unread message
Message has been deleted
Message has been deleted
KuoYing@Taiwan
Feb 9, 2011, 12:44:34 PM2/9/11
to play-framework
hi all:
This is my question. When controllers extends CRUD and using @Check
and @With with Secure module, for example:
package controllers;
import java.util.List;
import play.modules.paginate.*;
import play.mvc.*;
import models.Item;
import models.Order;
import models.Tag;
@Check("admin")
@With(Secure.class)
public class Items extends CRUD {
public static void itemDescription(long createAt) {
Item description = Item.find("byCreateAt", createAt).first();
render(description);
}
public static void findItemByTag(String tagName) {
render();
}
}
-----------------------------------
So...If you want to go to "itemDescription page" and "findItemByTag
page", It always need to login because Secure module. But this is not
I want.
I only want to appears login form when super user go to CRUD
module(http://localhost:9000/admin), if it isAdmin, you could into
CRUD Administrator area. So....What can I do??
This is my question. When controllers extends CRUD and using @Check
and @With with Secure module, for example:
package controllers;
import java.util.List;
import play.modules.paginate.*;
import play.mvc.*;
import models.Item;
import models.Order;
import models.Tag;
@Check("admin")
@With(Secure.class)
public class Items extends CRUD {
public static void itemDescription(long createAt) {
Item description = Item.find("byCreateAt", createAt).first();
render(description);
}
public static void findItemByTag(String tagName) {
render();
}
}
-----------------------------------
So...If you want to go to "itemDescription page" and "findItemByTag
page", It always need to login because Secure module. But this is not
I want.
I only want to appears login form when super user go to CRUD
module(http://localhost:9000/admin), if it isAdmin, you could into
CRUD Administrator area. So....What can I do??
Potthof Tilman
Feb 9, 2011, 2:02:18 PM2/9/11
to play-fr...@googlegroups.com
So... You want to to have a admin-interface (with Create-Update-Delete-Operations) which appears in the admin area /admin/... and a separate interface for the user which only show your items-descriptions, right?
To me, seems like the easiest way to do that is to split both parts into two different controllers. So you just put your itemDescription-method into a second controller without the security-checks.
Otherwise, you have to find a way to except your own methods from the security-checks.
> --
> You received this message because you are subscribed to the Google Groups "play-framework" group.
> To post to this group, send email to play-fr...@googlegroups.com.
> To unsubscribe from this group, send email to play-framewor...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/play-framework?hl=en.
>
Steve Chaloner
Feb 9, 2011, 2:05:53 PM2/9/11
to play-framework
You could use the deadbolt authorisation module, and define one of the
roles "not logged in".
- Steve
roles "not logged in".
- Steve
KuoYing@Taiwan
Feb 10, 2011, 9:32:03 PM2/10/11
to play-framework
I try second different controllers. First controllers extend CRUD and
Second controllers extend controller. It is OK!! Thank you!
Second controllers extend controller. It is OK!! Thank you!
Reply all
Reply to author
Forward
Message has been deleted
0 new messages