-
FEATURED COMPONENTS
First time here? Check out the FAQ!
Hi, i would like to ask whether it is possible to detect multiple user session attribute and act accordingly (such as post command) if the concerned user fulfil that condition. My scenario is:
i have implemented an event listener on Click button, so that if admin user change certain role privilege on certain view access id, another user who are currently logged in with the affected view and role on different session will automatically redirected to unauthorized page access (through post global command method). Is it possible to do the changes on the afflicted user session ? (user whom current role and view is in accordance with the changes done by admin user). Bellow is my on click event code:
// admin on click change role view access
@Command("UpdateRoleAssignment") @SuppressWarnings({"unchecked","rawtypes"}) public void UpdateCallPopWin(@ContextParam(ContextType.BINDER) final Binder binder) { // do method update role assignment ........... (quite long)
// retrieve the current session attribute userCre = authService.getUserCredential();
if (userCre != null) {
if (userCre.getCurrentPageID() != null) {
String currentPageID = userCre.getCurrentPageID();
String currentUserID = userCre.getaccount();
// check whether the user ID has access to the current view_ID
userDAOInst.getJoinView(UserID, currentPageID);
// if he / she doesn't have the access redirect it to the unauthorized page
if (userDAOInst == null) {
Clients.showNotification("View Access Rule Violation Detected!!");
postSideBarNavGlobalCommand(viewID, viewLabel, viewType, Uri);
}
}
}
}
getJoinView method is mysql procedure to check whether the user has rights to access the view id inputted. PostSideBarNavGlobalCommand is the global command which is used to render the page to the unauthorized page according to its viewID, viewLabel, viewType, Url. Currently it is working only for current session (session for admin user (user who changes the role assignment which won't be executed because the current view id will never be caught into the unauthorized view id =( ). how it can be done for users on different sessions?
Thanks before..
This is of course possible.
There is a small talk how you can do a chat with global command :
http://books.zkoss.org/wiki/SmallTalks/2014/March/ChatwithGlobalCommand
There is explained what you have to do for it. Don't forget, that each page must have viewmodel to the application scope where the global command is described.
You can make a seperate viewmodel for this and add that to your master page(if you use this) or just declare it in each page.
Greetz chill.
Asked: 2015-03-13 05:55:05 +0800
Seen: 10 times
Last updated: Mar 13 '15