Can I filter collections based on permissions automatically?

Yes, RBACService.getAuthorizedCollection() allows you to filter an entire list of resources to only include those the current user is authorized to access.

What is a Lutece ResourceIdService?

It is a service that registers a resource type and its associated permissions (like CREATE, MODIFY, VIEW) within the Lutece RBAC manager, allowing administrators to assign these permissions to roles.

What is the role of plugin.xml in Lutece RBAC?

The plugin.xml file must declare the ResourceIdService class within the tag to make the permissions available in the Lutece back-office.

How do I check permissions in a Lutece JspBean?

Use the RBACService.isAuthorized() method, passing the resource type constant, the specific resource ID, the required permission key, and the current AdminUser object.

Lutece RBAC Implementation

Name: Lutece RBAC Implementation
Author: lutece-platform

bylutece-platform

0•

Seguridad y Pruebas

Implements secure Role-Based Access Control (RBAC) patterns for Lutece 8 plugins using standardized resource services and authorization checks.

This skill provides a comprehensive framework for implementing RBAC within Lutece 8 development environments. It guides developers through the entire lifecycle of resource protection, including entity interface implementation, ResourceIdService registration, plugin configuration, and JSP-level authorization enforcement. By following these patterns, developers can ensure granular access control for entity creation, modification, deletion, and viewing, while maintaining compatibility with Lutece's core security services and workgroup management.

Características Principales

01Standardized RBACResource entity implementation patterns

02Plugin configuration templates for rbac-resource-type registration

03Advanced workgroup-based filtering and CSRF validation integration

04JspBean authorization check snippets for views and actions

05Automated ResourceIdService class generation for permission mapping

060 GitHub stars

Casos de Uso

01Securing administrative features in a custom Lutece plugin

02Filtering UI elements and actions based on user roles and workgroups

03Implementing granular permissions for specific database entities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lutece-platform/lutece-dev-plugin-claude lutece-rbac

For use in Claude.ai and ChatGPT

Download Skill