Friday, December 14, 2012

Using Bean in Expression language with parameter to check user Authorization

There were many questions in how to build a customized bean and use it in expression language to return user authorization based on specific parameter passed through expression language. In here I will describe the steps in how to build your own bean, accessing its methods and passing parameter to it.

This first step is develop the method that you want to receive your parameter and return the success or failure logic, the authorization roles in my scenario are stored in ViewObject based on dynamic SQL statements that loads the roles from different tables depending on some HR and Assignment statues:


public class AuthorizationBean {
 
    private ApplicationModule appModule=ADFFacesHelper.getAppplicationModule("AppModuleDataControl");

    public AuthorizationBean() {
        super();
    }

    
    public boolean getUserInRole(String RoleCode){
        boolean havePriv=false;
        ViewObject userRoles=appModule.findViewObject("UserRolesVO1");
        RowSet rowSet=userRoles.getRowSet();
        Row row=rowSet.first();
        while(row!=null){         
            String roleCode=row.getAttribute("RoleCode").toString();            
            if(roleCode.equals(RoleCode)){
                havePriv=true;
            }
            row=rowSet.next();
        }
        return havePriv;
    }
 }

The next step is define a bean that will act as an interface between the Authorization bean and expression language, it will receive the parameter from expression language and pass it to a method developed earlier, the class should implements HashMap interface and implements get(Object) method:

import java.util.HashMap;

public class CallAuthorizationBean extends HashMap {
    public CallAuthorizationBean() {
        super();
    }

    public String get(Object key) {
        AuthorizationBean authorization=new AuthorizationBean();
         return ""+authorization.getUserInRole((String)key);
    }
}

Finally, you can call the customized method using expression language like this:
#{Authorization['20180100']=='false'}