• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Junilu Lacar
Sheriffs:
  • Rob Spoor
  • Liutauras Vilda
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Piet Souris
  • Tim Holloway
  • Jj Roberts
  • Stephan van Hulst
Bartenders:
  • Himai Minh
  • Carey Brown
  • Frits Walraven

Read Only Access

 
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello All,

I am kind of looking for clear solution to give Read only access certain users in the application I am working.

This application has been built and is working fine in production. Now, users have come up with new requirement to allow certain users to access application in readonly mode.

The application is built using Spring framework with AS400 and Oracle as DB. The application server used is Weblogic 7.0.

In this application, after user successfully logs into the system, "user" object is created with application specific information and job codes for that user retrieved from some other system.

With current requirements there are no intermediate access privileges required. Like ADD_ONLY/UPDATE_ONLY or there is no requirement of autherising user to acess particular module/part of the system. User can have either FULL or READ only access.

I was thinking of adding one more attribute called accessPrivileges to User object which would be contain either READ_ONLY or FULL_ACCESS. On sucessfully login I will check his job code and assign one privilege.
In each JSP, Check for this flag and if readonly disable submit button.

I don't want to hardcode these job codes/accessPrivileges in the code in order to avoid code changes if something change in furture. I want the job codes and access privileges to be in some file or DB so that the program checks for them at runtime.

Please suggest me what would be the best solution for such kind of a problem.

Thank you
 
Ranch Hand
Posts: 995
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The solution sounds good. Maybe a better one would be to have all the inputs READ-ONLY for a read-only user and also the Submit button absent. This way the user will not get pissed off after modifying the data and not finding a way to submit it.

--
:alex |.::the_mindstorm::.
 
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Are you using Struts? If you are you can use the role attribute that user has or create a jsp tag that can show only a as readonly if that is the role the user has. I have done this in the past and seems to work well.
 
s penumudi
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you very much for your response.
I am not using struts. JSTL is used through out the project.

Ali Pope, your right. But problem is to make all the form fields manually in readonly would be little bit time comsuming as there are some 20 JSP's.

Do you have any quicker solution to achieve this.

Thank you
 
reply
    Bookmark Topic Watch Topic
  • New Topic