开发者

In wicket, combine wicket:link with IAuthorizationStrategy

开发者 https://www.devze.com 2023-01-01 10:56 出处:网络
I use an IAuthorizationStrategy in wicket to limit access to certain pages. However, I also use html menus like this one:

I use an IAuthorizationStrategy in wicket to limit access to certain pages. However, I also use html menus like this one:

<div class="siteMenu">
<wicket:link>
    <a href="Page1.html" class="siteMenuLink">
        <wicket:message key="pages.page1.title" />
    </a>
    <a
        href="Page2.html" class="siteMenuLink">
        <wicket:message key="pages.page2.title" />
    </a>
    <a
        href="Page3.html" class="siteMenuLink">
        <wicket:message key="pages.page3.title" />
    </a>
</wicket:link>
</div>

, that are automatically picked up and expanded using the wicket:link mechanism (like here: http://wicket.apache.org/examplenavomatic.html ). However, the IAuthorizationStrategy may not allow one or more of these target pages, so I may end up either开发者_Python百科 with lots of links that lead to "permission denied" pages or lots of deactivated links (i.e. em tags or the like), neither of which is pretty.

I could of course write an IComponentInstantiationListener that checks all BookmarkableLinks to see whether their target is accessible through the IAuthorizationStrategy and renders them invisible otherwise, but I wonder if there is an out-of-the-box solution to this problem. For clarification: I only use the isInstantiationAuthorized() method of IAuthorizationStrategy.


Actually, I was blind. The answer is obvious. Extend the authorization strategy to check the links to the pages and then use an IUnauthorizedComponentInstantiationListener to render them invisible

0

精彩评论

暂无评论...
验证码 换一张
取 消