HowTos User Management
Aus Salespoint
(Unterschied zwischen Versionen)
(→Use the UserManager) |
(→Add an ActionCapability to an User) |
||
Zeile 34: | Zeile 34: | ||
</code> | </code> | ||
- | ===Add an ActionCapability to an User=== | + | ===Add an ActionCapability to an User=== |
+ | |||
+ | '''Description:''' | ||
+ | A Capability is used to guard Actions of an application or, and that´s the way it works, to decide wether a User is allowed to do the Action or not. | ||
+ | |||
+ | '''ToDo:''' | ||
+ | |||
+ | # Instantiate a new ActionCapability with | ||
+ | #*its name | ||
+ | #*the text that should be shown in case of an access denial | ||
+ | #*the action that is guarded by the Capability | ||
+ | #*true or false for the Capability to be set as granted or not | ||
+ | # Add the Capability to the User. | ||
+ | |||
+ | '''Example Source Code:''' | ||
+ | <code java> | ||
+ | // create an User | ||
+ | User user = new User("Dolores"); | ||
+ | |||
+ | 1 | ||
+ | ActionCapability capAction = new ActionCapability( | ||
+ | // name of the capability | ||
+ | "CapabilityName", | ||
+ | // acccess denied text | ||
+ | "Access denied text", | ||
+ | // guarded action | ||
+ | new UserCustomAction(), | ||
+ | // grant access | ||
+ | true); | ||
+ | // set the DisplayNameResourceBundle so the CapabilityCheckBox can be labled | ||
+ | ActionCapability.setDisplayNameResourceBundleName("MyResourceBundle"); | ||
+ | |||
+ | 2 | ||
+ | user.setCapability(capAction); | ||
+ | // add user to UserManager | ||
+ | UserManager.getGlobalUM().addUser(user); | ||
+ | // create an ordinary User | ||
+ | User noAccessUser = new User("Dummy"); | ||
+ | |||
+ | 2 | ||
+ | // assign the capability seen above, but set to false (->access denied) | ||
+ | noAccessUser.setCapability(capAction.getToggled()); | ||
+ | UserManager.getGlobalUM().addUser(noAccessUser); | ||
+ | </code> | ||
+ | |||
===Garble a User's password=== | ===Garble a User's password=== |
Version vom 22:31, 5. Apr. 2009
Use the UserManager
Description: The UserManager is an administration tool with a huge functionality. First of all you can store Users in it with all necessary information, even their own passwords, which you can garble (make unreadable). By assigning them certain Capabilities you can protect any possible Action of your application from unauthorized access and thereby have customers and employees administered by one UserManager.
ToDo:
- Make an instance of UserManager in your Shop class.
- Set the instance as global UserManager.
- If you want to add an User, get the GlobalUM and add the User to it.
Example Source Code:
public class UserShop extends Shop
{
public UserShop()
{
super();
1
UserManager userManager = new UserManager();
2
UserManager.setGlobalUM(userManager);
}
public void init()
{
3
User user = new User("Dolores");
UserManager.getGlobalUM().addUser(user);
}
}
Add an ActionCapability to an User
Description: A Capability is used to guard Actions of an application or, and that´s the way it works, to decide wether a User is allowed to do the Action or not.
ToDo:
- Instantiate a new ActionCapability with
- its name
- the text that should be shown in case of an access denial
- the action that is guarded by the Capability
- true or false for the Capability to be set as granted or not
- Add the Capability to the User.
Example Source Code:
// create an User
User user = new User("Dolores");
1
ActionCapability capAction = new ActionCapability(
// name of the capability
"CapabilityName",
// acccess denied text
"Access denied text",
// guarded action
new UserCustomAction(),
// grant access
true);
// set the DisplayNameResourceBundle so the CapabilityCheckBox can be labled
ActionCapability.setDisplayNameResourceBundleName("MyResourceBundle");
2
user.setCapability(capAction);
// add user to UserManager
UserManager.getGlobalUM().addUser(user);
// create an ordinary User
User noAccessUser = new User("Dummy");
2
// assign the capability seen above, but set to false (->access denied)
noAccessUser.setCapability(capAction.getToggled());
UserManager.getGlobalUM().addUser(noAccessUser);