You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@click.apache.org by Bob Schellink <sa...@gmail.com> on 2009/11/29 03:18:24 UTC

menu isUserInRole impl

Hi all,

If a menu doesn't define any roles, isUserInRoles will return false. I wonder if this is the correct 
default. Wouldn't it be better to return true if no roles are defined? Otherwise one will have to 
define an anonymous role and set it on these menus.

regards

bob


Proposed change:

   public boolean isUserInRoles() {
     // PROPOSED CHANGE START
     List roles = getRoles();
     if (roles == null || roles.isEmpty()) {
       return true;
     }
     // END

     if (getAccessController() == null) {
       String msg = "Menu accessController has not been defined";
       throw new IllegalStateException(msg);
     }

     HttpServletRequest request = getContext().getRequest();

     for (int i = 0, size = roles.size(); i < size; i++) {
       String rolename = (String) roles.get(i);
       if (getAccessController().hasAccess(request, rolename)) {
         return true;
       }
     }

     return false;
   }

Re: menu isUserInRole impl

Posted by Malcolm Edgar <ma...@gmail.com>.

I think in terms of the method name this is correct behaviour. If
there are not roles defined, then I dont think it is correct to say
the user belongs to the empty set of roles.

Making this change could impact existing applications in unexpected ways.

You can always write you menu macro to test for the menu.getRoles().isEmpty()

regards Malcolm Edgar

On Sun, Nov 29, 2009 at 1:18 PM, Bob Schellink <sa...@gmail.com> wrote:
> Hi all,
>
> If a menu doesn't define any roles, isUserInRoles will return false. I
> wonder if this is the correct default. Wouldn't it be better to return true
> if no roles are defined? Otherwise one will have to define an anonymous role
> and set it on these menus.
>
> regards
>
> bob
>
>
> Proposed change:
>
>  public boolean isUserInRoles() {
>    // PROPOSED CHANGE START
>    List roles = getRoles();
>    if (roles == null || roles.isEmpty()) {
>      return true;
>    }
>    // END
>
>    if (getAccessController() == null) {
>      String msg = "Menu accessController has not been defined";
>      throw new IllegalStateException(msg);
>    }
>
>    HttpServletRequest request = getContext().getRequest();
>
>    for (int i = 0, size = roles.size(); i < size; i++) {
>      String rolename = (String) roles.get(i);
>      if (getAccessController().hasAccess(request, rolename)) {
>        return true;
>      }
>    }
>
>    return false;
>  }
>
>