Access permissions

By default all pages using the main template /WEB-INF/templates/layout/template.xhtml require the user to be logged in. If you want a page to be accessible without login set:

<ui:param name="hasAccessPermission" value="true" />

You can also use this parameter for simple access permissions like:

<ui:param name="hasAccessPermission" value="#{userBean.admin}" />

More complicated permissions that depend on get parameters should be evaluated in the bean's onLoad method. e.g.:

    public void onLoad() throws SQLException
    {
        if(!isLoggedIn())
            return;

        group = getLearnweb().getGroupManager().getGroupById(groupId);

        if(null == group)
        {
            addInvalidParameterMessage("group_id");
            return;
        }
        if(!group.canViewResources(getUser()))
        {
            group = null; // set main object of this page to null to block access
            addAccessDeniedMessage();
            return;
        }

        ... // load other things
    }

In the XHTML page use:

<ui:param name="hideContent" value="#{forumTopicsBean.group eq null}" />

to hide the content when the main object wasn't loaded. The main object is usually the one that is described by the most important get parameter.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Access permissions

Access permissions

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally