| Key: |
SM-2
|
| Type: |
Bug
|
| Status: |
Resolved
|
| Resolution: |
Fixed
|
| Priority: |
Major
|
| Assignee: |
Matt Raible
|
| Reporter: |
Tim Morrow
|
| Votes: |
0
|
| Watchers: |
0
|
|
If you were logged in you would be able to see more operations.
|
|
|
|
I have a menu with 2 levels of child components. I have a custom permissions adapter. However, I found that when using the VelocityMenuDisplayer, my permissions adapter isAllowed() method was invoked only for the root menu and the next level of components. This meant that certain menu components were always displayed, even if the user shouldn't have had permissions.
Ideally it would invoke isAllowed() for an arbitrary depth of menu components.
I do not have a workaround.
|
|
Description
|
I have a menu with 2 levels of child components. I have a custom permissions adapter. However, I found that when using the VelocityMenuDisplayer, my permissions adapter isAllowed() method was invoked only for the root menu and the next level of components. This meant that certain menu components were always displayed, even if the user shouldn't have had permissions.
Ideally it would invoke isAllowed() for an arbitrary depth of menu components.
I do not have a workaround.
|
Show » |
Sort Order:
|
VelocityMenuDisplayer only invokes isAllowed() on permissions adapter for one level of child components
Note that this patch doesn't alter the existing behavior of modifying the actual menu structure, which is problematic with a servletcontext-scoped menu (i.e. it affects all users).
My recommendation for that is to define a custom session context listener and load the menu into session scope.