Authorize annotation demo

Description
This page displays the authorize annotation on a method. This is really useful to restrict a method access depending on the user roles, and then defining an automatic Java route. As for the Authorize component and mixin, role definition can be controlled with any, all and not rules.
  • Select a role and submit it to "commit" your choice.
  • Click the bottom link
  • The server side method will be triggered according to the role previously chosen
Please not that in the annotation the roles are not declared with comma (,) separated values, but as an String[].


In Action
Choose your role : Admin
User
Anonymous



Your current role is :

Click this link and see the result :Click me

The trigger result is :





TML Source code

		<!-- form -->
		<t:form>
			<fieldset>
				<legend>Choose your role :</legend>
				<t:radiogroup t:id="role" t:value="role">
		            <t:radio t:value="literal:ADMIN"/> Admin<br/>
		            <t:radio t:value="literal:USER"/> User<br/>
		            <t:radio t:value="literal:ANONYMOUS"/> Anonymous<br/>
		        </t:radiogroup>
		        <t:submit/>
	        </fieldset>
		</t:form>
		<br/><hr/><br/>
		
		Your current role is <b>${currentRole }</b> : <br/><br/>
		
		<fieldset>
			<legend>Click this link and see the result :</legend>
			
			<t:actionlink t:id="trigger">Click me</t:actionlink><br/><br/>
			The trigger result is : ${result }
		</fieldset>
		<br/><br/>
	



Java code

	public class Example4 extends BaseAuthorize
	{
	    @Property
	    @Persist(PersistenceConstants.FLASH)
	    private String result;
	
	    @OnEvent(value = EventConstants.ACTION, component = "trigger")
	    @Authorize(all = "ROLE_USER")
	    void clickUser()
	    {
	        System.out.println("role");
	        result = "Role route called";
	    }
	
	    @OnEvent(value = EventConstants.ACTION, component = "trigger")
	    @Authorize(all = "ROLE_ADMIN")
	    void clickAdmin()
	    {
	        System.out.println("admin");
	        result = "Admin route used";
	    }
	
	    @OnEvent(value = EventConstants.ACTION, component = "trigger")
	    @Authorize(not =
	    { "ROLE_USER", "ROLE_ADMIN" })
	    void clickAnonymous()
	    {
	        System.out.println("ano");
	        result = "Anonymous route triggered on server";
	    }
	}