Hi All!!
I have a menu which shows different options based on the permissions
of a specific profile. the moment you enter a user options are
displayed correctly, but if I put a hand a url (in the browser) to the
current user can not access the application can enter anyway. I
thought that with the option of LocParams IF ,it could be restricted,
but is currently broken. Any suggestions please?
This is my code:
The menu:
val menuComprobanteList = Menu(Loc("ComprobanteList",
List("oper", "comprobante", "list"),
"Mantenimiento"),
validateIngreso(getOpcionId("ComprobanteList") ) )
val menuComprobantePendientes =
Menu(Loc("ComprobanteListPendientes",
List("oper", "comprobante",
"pendientes"),
"Pendientes"),
validateIngreso(getOpcionId("ComprobanteList") ) )
val menuComprobanteAutorizados =
Menu(Loc("ComprobanteListAutorizados",
List("oper", "comprobante",
"autorizados"),
"Autorizados"),
validateIngreso(getOpcionId("ComprobanteList") ))
val menuComprobanteAdd = Menu(Loc("ComprobanteCreate",
List("oper", "comprobante", "create"),
"Agregar "),
validateIngreso(getOpcionId("ComprobanteList") ))
val submenusComprobante = List(menuComprobanteList,
menuComprobantePendientes, menuComprobanteAutorizados)
val menuComprobante = Menu(Loc("Comprobante",
List("oper", "comprobante") -> true,
"Comprobantes",
validateIngreso(getOpcionId("ComprobanteList") )),
submenusComprobante:_*)
val listMenu = List(menuComprobante)
def appendRewriteRules = LiftRules.rewrite.append {
case RewriteRequest(
ParsePath(List("oper", "comprobante", "view", id),_,_,_),_,_) =>
RewriteResponse("oper" :: "comprobante" :: "view" :: Nil,
Map("id" -> id))
case RewriteRequest(
ParsePath(List("oper", "comprobante", "viewapproved",
id),_,_,_),_,_) =>
RewriteResponse("oper" :: "comprobante" :: "viewapproved" ::
Nil, Map("id" -> id))
case RewriteRequest(
ParsePath(List("oper", "comprobante", "autorizar",
id),_,_,_),_,_) =>
RewriteResponse("oper" :: "comprobante" :: "autorizar" :: Nil,
Map("id" -> id))
case RewriteRequest(
ParsePath(List("oper", "comprobante", "create"),_,_,_),_,_) =>
RewriteResponse("oper" :: "comprobante" :: "edit" :: Nil,
Map("op" -> "create"))
case RewriteRequest(
ParsePath(List("oper", "comprobante", "edit", id),_,_,_),_,_) =>
RewriteResponse("oper" :: "comprobante" :: "edit" :: Nil,
Map("id" -> id))
case RewriteRequest(
ParsePath(List("oper", "comprobante", "delete", id),_,_,_),_,_)
=>
RewriteResponse("oper" :: "comprobante" :: "delete" :: Nil,
Map("id" -> id))
}
The function of validation for the access:
------------------------------------------------------------
def validateIngreso(opcionId:Long) = If (() => { validateLoggin &&
validateSession &&
validatePassword &&
validatePerfil(opcionId)
}
,
() => RedirectResponse("/index"))
def validateLoggin = Usuario.loggedIn_?
def validatePassword =
if (Usuario.currentUserId.isDefined)
{ !
(Usuario.findByKey(Usuario.currentUserId.get.toLong).get.password.match_?
(DefaultPassword.getDefaultPassword)) } else true
// Read if the current User has permissions for the actual menu option
int the current application and with the current Profile
def validatePerfil(opcionId:Long) =
if (validateSession) { val perfilId = UsuarioAplicacionPerfil.findAll(
By(UsuarioAplicacionPerfil.usuario_Id,Usuario.currentUserId.get.toLong),
By(UsuarioAplicacionPerfil.aplicacion_Id,
Aplicacion.currentApplicationId.get.toLong),
MaxRows(1)).headOption match {
case None => 0
case Some(uap) => uap.perfil_Id.toLong
}
My menu in the Boot
---------------------------------------
val entries = Menu(Loc("Home", "index" :: Nil , ?("Home"))) ::
OperMenu.listMenu
LiftRules.setSiteMap(SiteMap(entries:_*))
OperMenu.appendRewriteRules
Now:
--------------------------------------------------------
In the database I has a user:
pe...@asdf.com
this user only has permission for the menu options: "Comprobante" and
"Mantenimiento", the sitemap show the correct options, BUT if I write
in the browser the url of the option "Autorizados", This user can
access when it should not do it because it has no permissions.
Any suggestions??
Andrea Moruno