Use of request/resource wrappers

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Use of request/resource wrappers

Guillaume Lucazeau
Hello,

My application is supposed to have a "presentation mode" that disables
editing capabilities on content. To implement that, I thought I could open
the document with a parameter in the link, and add a Sling filter on pages
to detect this parameter either in the URL or in the user's session (where
the filter puts it when first detected in the URL).

I thought I could then wrap my resource in a ResourceWrapper, that would
add an "isModifiable" getter that I could use on views to enable/disable
edition capabilities, as this status also depends on locks and write
privileges.

I've written the filter and the wrappers and it seems to work well,
debugging mode shows that it's going through. However, in the JSP
displaying the page resource, ${resource} is actually a JcrNodeResource and
${slingRequest} is a OnDemandReaderRequest.

I do not find where these wrappers re set, and I'm wondering now if my idea
is good and possible to implement. Would you have any tips on how to use my
own wrapper to add information to the displayed resource?

I'm using Sling 7 and I've upgraded Sling engine to 2.4.0.

Thank you for your help.

Regards,
Guillaume
Reply | Threaded
Open this post in threaded view
|

Re: Use of request/resource wrappers

Bertrand Delacretaz
Hi,

On Wed, Apr 27, 2016 at 11:16 AM, Guillaume Lucazeau
<[hidden email]> wrote:
> ...My application is supposed to have a "presentation mode" that disables
> editing capabilities on content....

Can't you use access control for that?

For example give read only access to the anonymous user and read/write
to logged in content authors.

-Bertrand
Reply | Threaded
Open this post in threaded view
|

Re: Use of request/resource wrappers

Guillaume Lucazeau
Hello Bertrand,

Unfortunately I cannot, we don't support anonymous access because from the
user account depends what "documents" he can see and sometimes edit.

On Wed, Apr 27, 2016 at 4:00 PM, Bertrand Delacretaz <[hidden email]
> wrote:

> Hi,
>
> On Wed, Apr 27, 2016 at 11:16 AM, Guillaume Lucazeau
> <[hidden email]> wrote:
> > ...My application is supposed to have a "presentation mode" that disables
> > editing capabilities on content....
>
> Can't you use access control for that?
>
> For example give read only access to the anonymous user and read/write
> to logged in content authors.
>
> -Bertrand
>
Reply | Threaded
Open this post in threaded view
|

Re: Use of request/resource wrappers

Guillaume Lucazeau
Hello,

I thought I could use different views. For instance for a page resource, I
could have presentation.html.jsp, read-only.html.jsp and html.jsp. To use
the presentation view it's all good I cn hard code it in my link has it's
the user that will manually request this view. However, for the read-only
view, it depends on the document status. If it's locked or if the user has
no write privileges, this view should be rendered.

I was thinking to implement a filter that would check these two conditions,
and dynamically add the "read-only" selector to the request if the user is
not allowed to edit the resource.

However, I did not find a way to add a selector to a request using the
Sling API, is it possible somehow to update RequestPathInfo? Like the
"replaceSelectors" parameter of the sling:include tag but in Java code. is
that possible?

Thank you for your help!

Kind regards,
Guillaume

On Wed, Apr 27, 2016 at 4:05 PM, Guillaume Lucazeau <[hidden email]>
wrote:

> Hello Bertrand,
>
> Unfortunately I cannot, we don't support anonymous access because from the
> user account depends what "documents" he can see and sometimes edit.
>
> On Wed, Apr 27, 2016 at 4:00 PM, Bertrand Delacretaz <
> [hidden email]> wrote:
>
>> Hi,
>>
>> On Wed, Apr 27, 2016 at 11:16 AM, Guillaume Lucazeau
>> <[hidden email]> wrote:
>> > ...My application is supposed to have a "presentation mode" that
>> disables
>> > editing capabilities on content....
>>
>> Can't you use access control for that?
>>
>> For example give read only access to the anonymous user and read/write
>> to logged in content authors.
>>
>> -Bertrand
>>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Use of request/resource wrappers

Oliver Lietz
On Monday 02 May 2016 17:00:00 Guillaume Lucazeau wrote:
> Hello,

Hi Guillaume,
 

> I thought I could use different views. For instance for a page resource, I
> could have presentation.html.jsp, read-only.html.jsp and html.jsp. To use
> the presentation view it's all good I cn hard code it in my link has it's
> the user that will manually request this view. However, for the read-only
> view, it depends on the document status. If it's locked or if the user has
> no write privileges, this view should be rendered.
>
> I was thinking to implement a filter that would check these two conditions,
> and dynamically add the "read-only" selector to the request if the user is
> not allowed to edit the resource.
>
> However, I did not find a way to add a selector to a request using the
> Sling API, is it possible somehow to update RequestPathInfo? Like the
> "replaceSelectors" parameter of the sling:include tag but in Java code. is
> that possible?

sure, see FormServlet in samples/fling. It adds a selector on success and
forwards the request.

Regards,
O.

> Thank you for your help!
>
> Kind regards,
> Guillaume
[...]

Reply | Threaded
Open this post in threaded view
|

Re: Use of request/resource wrappers

vkum14
In reply to this post by Guillaume Lucazeau
Or even simpler, let your application has a landing jsp which will have this business logic of adding selector using sling:include. We have used this and working properly.