cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

UME - check ValuePermission in WDP

Go to solution
Former Member

on ‎12-06-2006 1:48 PM

0 Kudos

Hello,

I am playing around with checking permissions in web dynpro and ejb. My permissions that extend ActionPermission are working fine, but i dont know how to implement checks on permissions that extend ValuePermission.

If i have a class TestValuePermission extends ValuePermission.

How should permissions be defined in actions.xml and how to do my check? The documentation says the following about valuepermission:

This permission class maps a permission name to a value, for example:

Name=”Value”, Action=”25”

Name=”Min”, Action=”>50”

Name=”Max”, Action=”<100”

Does this have to be put in the actions.xml? (with lower than and greater than sign)

It would be of great help if someone could give a example (for example checking value within boundaries) for valuepermission, including the xml and the code-part that checks the permission.

user.checkPermission(new TestValuePermission( "name" , "value");

Kind regards,

Joren

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎12-08-2006 12:37 PM
0 Kudos

Hi Joren,

first, you may want to move this back to security, as this is not WebDynpro related

Second: Haven't played with ValuePermission for a long time, but if I'm not mistaken, the definition should look like the following:

The class itself:


package com.mycom.myappl;
import com.sap.security.api.permissions.ValuePermission;
public class MyPermission extends ValuePermission {
    /**     
       * @param object
       * @param value
   */
     public MyPermission(String object, String value) {
         super(object, value);
   }
}



in actions.xml:
<ACTION NAME="MyValue1">
   <DESCRIPTION LOCALE="en" VALUE="Bigger than 50" ></DESCRIPTION LOCALE="en" VALUE="Bigger>
   <PERMISSION CLASS="com.mycom.myappl.ValuePermission"
         NAME="Value", VALUE=">50" />
</ACTION>

user.checkPermission(new MyPermission("Value", "75"));

As Limit is set to somthing bigger than 50, this would succeed.

you can only have the bigger and smaller signs in the definition of the action (no sign works as well and is the same as equal).

just to give you an idea.

Regards,

Patrick

Show replies
Show replies
Former Member
‎12-08-2006 1:14 PM
0 Kudos

Hi,

Thanx for the reply. I thought it was working like you say, but it doesn't for some reason.

I have a ValuePermission class like u have, and this is in my actions.xml


...
<ACTION NAME="MAX_VALUE">
     <DESCRIPTION LOCALE="en" VALUE="Result has to be lower than 1000" /> 
          <PERMISSION CLASS="com.mycom.myappl.TestEJBValuePermission" NAME="ADD" VALUE="&lt;1000"/>
</ACTION>  	
...

And this is how i do the check:


user.checkPermission(new TestEJBValuePermission("ADD", new Float(result).toString()));

But whatever result is, it's always ok.. Is it possible that it has something do with the fact that i'm trying it with float values?

Kind regards,

J.

Former Member
‎12-08-2006 2:43 PM
0 Kudos

> ...

> 


> user.checkPermission(new
> TestEJBValuePermission("ADD", new Float(result).toString()));
>

> Is it possible that it has something do with the fact that

> i'm trying it with float values?

To my knowledge, the value has to be an integer. If you have a float, you should first convert it to an int. I would guess this is the reason.

BTW: If I remeber correctly floats converted to string look something like 1.345 e1, the int value from this string is 1 which is lower than 1000 and would even explain the result you have seen just perfectly

Regards,

Patrick

Message was edited by:

Patrick Hildenbrand

Former Member
‎12-08-2006 3:05 PM
0 Kudos

Hi.

Thanx, you are right, it only works when u use int values. So i had to do:

float result= ...;

String value = "" + new Float(result).intValue();

If i define ADD <1000 in actions.xml and you check for a value of 1000, its allowed, so i guess the <1000 is interpreted as <=1000 by the check.

Thx for the help.

J.

Answers (0)

Ask a Question