[GitHub] [james-project] chibenwa commented on pull request #1388: JAMES-3756 SessionTranslator should only ask 1 delegation source

[GitBox <gi...@apache.org>]

chibenwa commented on PR #1388:
URL: https://github.com/apache/james-project/pull/1388#issuecomment-1378571262

   I have two major issues wit this design:
   
    - 1. the naming suck (): too long, not precise
     - 2. with this change SessionProvider exposes the APIs to bypass its own role pushing validation logics to the applicative layers, which is unsafe and breaks encapsulation.
     - 3. Too much methods does (almost) the same things.
     
   3 big code smells ...
     
   Especially on authorization I want to be able to review code and state "that's fine, it only relies on the session provider, so I know authorization logic won't be messed up". With this change I cannot make such assumptions.
   
   As an alternative I would try to refine the SessionOrovider API  to make it more composable and expressive while keeping it concise and safe.
   
   Please see https://github.com/chibenwa/james-project/tree/poc-refacto-delegation as a possible alternative.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org