public interface ToolsDeployment
To deploy the tools
simply inherit the com.smartgwtee.tools.Tools module. There are no additional
settings to configure.
These tools are, by default, available to
anyone and enable access to all "BuiltinRPCs" and the Filesystem DataSource so they should only
be deployed into a trusted environment. Alternately, the tools can easily be restricted to
administrators or end users by protecting the tools path with normal
authentication and authorization mechanisms on the web server.
More fine-grained access
control can be installed by updating each tool's xxxOperations.jsp file (ex.
tools/adminConsoleOperations.jsp, tools/visualBuilder/vbOperations.jsp). These files are
responsible for enabling builtinRPC and FileSystem DataSource access. Individual BuiltinRPC
methods can be restricted, for example, such that some users are allowed to load screens but
not save any changes. See comments within each file for an example of restricting this access.
See the server-side Javadocs for methods provided by BuiltinRPC.
Note that the tools provides a "live" interface to the provided DataSources. In other words, if a DataSource supports saving and a tool enables editing, real saves will be initiated.
When loaded, the Developer Console will attempt to reach the page at tools/developerConsoleOperations.jsp and, if available, will provide access to additional functionality that should normally be restricted in production environments (ex. server logs).
For production deployment of the Developer Console with full functionailty available to admins, just deploy the tools module with password protection as described above. The method for finer- grained access control described above is also supported by developerConsoleOperations.jsp.