Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>You want to take into account actual domain object. There is special <a href="http://static.springsource.org/spring-security/site/docs/3.2.x/reference/springsecurity-single.html#domain-acls" rel="nofollow noreferrer">ACL</a> feature in Spring Security for these purposes. You can set up it and use corresponding <a href="http://static.springsource.org/spring-security/site/docs/3.2.x/reference/springsecurity-single.html#d0e6991" rel="nofollow noreferrer">accesscontrollist</a> tag:</p> <pre><code>&lt;sec:accesscontrollist hasPermission="2" domainObject="${profile}"&gt; &lt;!-- Your edit link goes here --&gt; &lt;!-- "2" means write permission --&gt; &lt;!-- Be sure that you use Spring Security &gt;= 3.1.2. This syntax may not works for smaller versions due to bugs --&gt; &lt;/sec:accesscontrollist&gt; </code></pre> <p>It may be an overkill if you have only one situation like this.</p> <p>Option number 2. You can define a custom web security expression:</p> <pre><code>&lt;sec:authorize access="isOwner(#profile)"/&gt;. </code></pre> <p>It is not <a href="https://stackoverflow.com/questions/14185070/spring-securityintercept-url-pattern-access-id-1/14199105#14199105">so simple too</a>.</p> <p>I think a custom JSP tag (<a href="https://stackoverflow.com/questions/1296235/jsp-tricks-to-make-templating-easier">tag file</a>) will be the most simple solution:</p> <pre><code>&lt;customtags:authorizeeditaccount account="${profile}"/&gt; </code></pre> <p>This tag will do the same things. It will look much better.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload