在 wicket 中,将 wicket:link 与 IAuthorizationStrategy 结合起来
我使用 IAuthorizationStrategy< /a> 在检票口中限制对某些页面的访问。不过,我也使用像这样的 html 菜单:
<div class="siteMenu">
<wicket:link>
<a href="Page1.html" class="siteMenuLink">
<wicket:message key="pages.page1.title" />
</a>
<a
href="Page2.html" class="siteMenuLink">
<wicket:message key="pages.page2.title" />
</a>
<a
href="Page3.html" class="siteMenuLink">
<wicket:message key="pages.page3.title" />
</a>
</wicket:link>
</div>
,使用 wicket:link 机制自动拾取并展开这些菜单(如下所示:http://wicket.apache.org/examplenavomatic.html )。但是,IAuthorizationStrategy 可能不允许这些目标页面中的一个或多个,因此我最终可能会得到大量导致“权限被拒绝”页面的链接或大量停用的链接(即 em 标签或类似标签),两者都不漂亮。
我当然可以写一个 IComponentInstantiationListener检查所有 BookmarkableLinks 以查看它们的目标是否可以通过 IAuthorizationStrategy 访问,否则会使它们不可见,但我想知道是否有一个out-of - 这个问题的现成解决方案。为了澄清:我只使用 IAuthorizationStrategy 的 isInstantiationAuthorized() 方法。
I use an IAuthorizationStrategy in wicket to limit access to certain pages. However, I also use html menus like this one:
<div class="siteMenu">
<wicket:link>
<a href="Page1.html" class="siteMenuLink">
<wicket:message key="pages.page1.title" />
</a>
<a
href="Page2.html" class="siteMenuLink">
<wicket:message key="pages.page2.title" />
</a>
<a
href="Page3.html" class="siteMenuLink">
<wicket:message key="pages.page3.title" />
</a>
</wicket:link>
</div>
, that are automatically picked up and expanded using the wicket:link mechanism (like here: http://wicket.apache.org/examplenavomatic.html ). However, the IAuthorizationStrategy may not allow one or more of these target pages, so I may end up either with lots of links that lead to "permission denied" pages or lots of deactivated links (i.e. em tags or the like), neither of which is pretty.
I could of course write an IComponentInstantiationListener that checks all BookmarkableLinks to see whether their target is accessible through the IAuthorizationStrategy and renders them invisible otherwise, but I wonder if there is an out-of-the-box solution to this problem. For clarification: I only use the isInstantiationAuthorized() method of IAuthorizationStrategy.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
其实我是瞎了。答案是显而易见的。扩展授权策略以检查页面的链接,然后使用
IUnauthorizedComponentInstantiationListener使它们不可见Actually, I was blind. The answer is obvious. Extend the authorization strategy to check the links to the pages and then use an
IUnauthorizedComponentInstantiationListenerto render them invisible