Christian HagerSoftware Engineer // Technical Director // Photographer

Eclipse RCP Security with Activities and Expressions

While recently working on my companies inhouse-rcp-application I had the requirement to prevent the user from accessing several elements of our user-interface. After some googling I found out that ui-contributions can be hidden by using activities together expressions. Finally I ended up with the following solution.

First we have to define an activity using the corresponding extension point. The newly created activity gets the id “com.nordiccoding.rcp.security.canAccessView”. Having created the activity we can attach an expression to it which determines whether the activity is enabled or disabled. Our example expression defines that the activity is enabled when the variable containing our user-rights contains the right “com_nordiccoding_rcp_security_canAccessView”. Next we have to bind the activity to one or more ui-contributions. In this example I will use a view to demonstrate this feature but as stated in the eclipse help [1] activties can also be bound to the following ui-contributions:

  • editors
  • Perspectives
  • Preference and property pages
  • Menus and toolbars
  • New wizard
  • Common Navigator Action Providers

To bind the action to the view we use an ActivityPatternBinding which consists of two parts. The id of the Activity and a pattern-string pointing to the ui-contribution we want to bind to the activity. For the pattern-string we concatenate the id of our plugin and the id of the ui-contribution divided by a slash. If we want to bind more than one ui-contribution it is also possible to use a regular expression here.

Here is how the extension definition should look at this point.

<extension
      point="org.eclipse.ui.activities">
   <activity
         id="com.nordiccoding.rcp.security.canAccessView"
         name="User can access the view">
      <enabledWhen>
         <with
               variable="com.nordiccoding.rcp.security.userRights">
            <iterate
                  ifEmpty="false"
                  operator="or">
               <equals
                     value="com_nordiccoding_rcp_security_canAccessView">
               </equals>
            </iterate>
         </with>
      </enabledWhen>
   </activity>
   <activityPatternBinding
         activityId="com.nordiccoding.rcp.security.canAccessView"
         pattern="com.nordiccoding.rcp.security/com.nordiccoding.rcp.security.view">
   </activityPatternBinding>
</extension>

Next we have to make our user rights variable available to the expression system. Therefore we add an instance of ISourceProvider which serves this variable. The ISourceProvider can be added using the extension-point “org.eclipse.ui.services”.

<extension
      point="org.eclipse.ui.services">
   <sourceProvider
         provider="com.nordiccoding.rcp.security.SecuritySourceProvider">
      <variable
            name="com.nordiccoding.rcp.security.userRights"
            priorityLevel="workbench">
      </variable>
   </sourceProvider>
</extension>

Now we have to provide the Implementation of the SourceProvider. For the beginning we leave the user-rights-variable empty as if the user has no rights. The implementation of the ISourceProvider should then look like this.

public class SecuritySourceProvider extends AbstractSourceProvider {

 enum UserRights {
  com_nordiccoding_rcp_security_canAccessView
 }

 public static final String SOURCE_NAME_USER_RIGHTS = "com.nordiccoding.rcp.security.userRights";
 private static final String[] PROVIDED_SOURCE_NAMES = new String[] { SOURCE_NAME_USER_RIGHTS };
 private final Map<String, Object> currentStateContainer;
 private final Set<string> userRights;

 public SecuritySourceProvider() {
  userRights = new HashSet<string>();
  currentStateContainer = new HashMap<String, Object>();
  currentStateContainer.put(SOURCE_NAME_USER_RIGHTS, userRights);
 }

 @Override
 public void dispose() {
 }

 @Override
 public Map<String, Object> getCurrentState() {
  return currentStateContainer;
 }

 @Override
 public String[] getProvidedSourceNames() {
  return PROVIDED_SOURCE_NAMES;
 }
}

If we start the application at this point our view won’t be shown because we didn’t add the right to access the view. If we add the right and restart the application the view will be shown correctly.

userRights.add(UserRights.com_nordiccoding_rcp_security_canAccessView.toString());

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *