ShowForRole improvement

Skip to first unread message

Thomas Hallgren

Mar 19, 2012, 4:35:46 AM3/19/12
to web4j-users
I took for granted that the w:isNotRole("some-role") would yield true
when the user is not logged in. Apparently it doesn't since all tests
are false unless there's a user principal. What's the rationale behind
that? If a user isn't logged in, then surely there's no role
membership either.

I would suggest that this is changed so that isNotRole returns true
when there's no principal. Either that, or that two new methods are

isRoleKnown() // The user is logged in and has a role
isRoleNotKnown() // The user is not logged in

John O'Hanley

Mar 19, 2012, 7:29:14 PM3/19/12
to web4j-users
Hi Thomas,

Could you elaborate why the same URL/JSP is accessed by both logged in
users and non-logged in users?

- John

Thomas Hallgren

Mar 20, 2012, 2:10:51 AM3/20/12
It isn't just a matter of URL/JSP. You might want to use this tag in elements that are included on many different pages.
Elements that you want to tailor differently depending on if the user is logged in or not.

- thomas

John O'Hanley

Mar 22, 2012, 7:10:37 PM3/22/12
to web4j-users
Right now, this idea doesn't strike me as something that should be in
the core. But I may be wrong. I will note the issue for future
consideration, since I always like to reconsider things.

The reasons it's not appealing to me :
1. It came from a specific assumption about the existing tag. Reading
javadoc for the existing tag would have clarified it's behavior in 10

2. It would seem best to me to keep 2 ideas separate: is-user-logged-
in versus does-user-have-role... For example, the most legible syntax
for these operations might resemble:
<w:show ifRole="..." >...
<w:show ifRoleNot="..." >...
<w:showIf loggedIn="true">...
<w:showIf loggedIn="false">...

This would keep each tag simple, clear, and legible.

3. The implementation of a tag for is-user-logged-in would be really
simple to implement. The core of its implementation would be something

@Override protected String getEmittedText(String aOriginalBody) {
Principal user = getRequest().getUserPrincipal();
boolean isLoggedIn = (user != null);
return isLoggedIn == isLoginDesired();

This is simple. It's easy to build this, especially since the source
code of the ShowForRole tag is already available.

4. With a minimal tool like web4j, I need to always ask if any
proposed feature is really a compelling improvement or not. Right now,
this doesn't seem so compelling.

- John

John O'Hanley

Sep 26, 2013, 6:18:00 PM9/26/13
I've changed my mind. 

This is useful to add. The syntax will be like this:

<w:show ifLoggedIn="true"> ..content.. </w:show>

<w:show ifLoggedIn="false"> ..content.. </w:show>

This third style will have no logic regarding roles at all.

I will add this to the existing ShowForRole tag; I know the class name was
originally intended for role-logic, but it's closely related.

The ifLoggedIn attr must appear on its own, with no mixing with the roles-detection
style. I want to keep them logically independent; that has the simplest

- John

Reply all
Reply to author
0 new messages