I use an IAuthorizationStrategy
in wicket to limit access to certain pages. However, I also use html menus like this one:
<div class="siteMenu">
<wicket:link>
<a href="Page1.html" class="siteMenuLink">
<wicket:message key="pages.page1.title" />
</a>
<a
href="Page2.html" class="siteMenuLink">
<wicket:message key="pages.page2.title" />
</a>
<a
href="Page3.html" class="siteMenuLink">
<wicket:message key="pages.page3.title" />
</a>
</wicket:link>
</div>
, that are automatically picked up and expanded using the wicket:link
mechanism (like here: http://wicket.apache.org/examplenavomatic.html ). However, the IAuthorizationStrategy
may not allow one or more of these target pages, so I may end up either开发者_Python百科 with lots of links that lead to "permission denied" pages or lots of deactivated links (i.e. em tags or the like), neither of which is pretty.
I could of course write an IComponentInstantiationListener
that checks all BookmarkableLinks
to see whether their target is accessible through the IAuthorizationStrategy
and renders them invisible otherwise, but I wonder if there is an out-of-the-box solution to this problem. For clarification: I only use the isInstantiationAuthorized()
method of IAuthorizationStrategy
.
Actually, I was blind. The answer is obvious. Extend the authorization strategy to check the links to the pages and then use an IUnauthorizedComponentInstantiationListener
to render them invisible
精彩评论