You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by Emond Papegaaij <em...@topicus.nl> on 2013/01/02 08:55:23 UTC
Re: Private methods in AuthorizingRealm
Hi Les,
Good to hear that this will be changed. I didn't know about your strict
compatibility guidelines. For Wicket we only guarantee binary
compatibility, also on patch releases. If 1.3 is the version this will be
fixed in, that's fine. For now, we can live with the code duplication.
Best regards,
Emond
On Friday 28 December 2012 09:55:51 Les Hazlewood wrote:
> Hi Edmond,
>
> I'll fix this ASAP in trunk for 1.3, but it can't be fixed for 1.2.2:
> Per our versioning guidelines (http://apr.apache.org/versioning.html):
>
> Patch Versions:
>
> "To retain perfect source and binary compatibility, a patch release
> can only change function implementations. Changes to the API, to the
> signatures of public functions, or to the interpretation of function
> parameters is not allowed. Effectively, these releases are pure bug
> fix releases."
>
> In other words, if you use 1.2.4 for example, you should be able to
> downgrade to 1.2.1 with _no_ impact to your code. This wouldn't be
> possible in the scenario you describe.
>
> HTH,
>
> Les
>
>
> On Thu, Dec 27, 2012 at 6:14 AM, Emond Papegaaij
>
> <em...@topicus.nl> wrote:
> > Hi all,
> >
> >
> >
> > AuthorizingRealm is a good starting point for most custom realms, however
> > the large number of private methods prevent real customization. Over a
> > year ago, someone already asked to change isPermitted to protected in
> > SHIRO-332 and now we are facing similar issues.
> >
> >
> >
> > In our application it is quite expensive to resolve the permissions for a
> > role, so I want to cache the permissions for an AuthorizationInfo, just
> > as the AuthorizationInfo itself is cached. For this to work, I have to
> > change the implementation of getPermissions to first check the cache and
> > then perform the default behavior. If getPermissions were protected, I
> > could simply override that method, check the cache and call super if
> > nothing was cached, but now I have to copy-paste all these methods (over
> > 100 lines of code) to change only a few lines:
> >
> >
> >
> > private Collection<Permission> getPermissions(AuthorizationInfo)
> >
> > to change the code
> >
> > private Collection<Permission> resolvePermissions(Collection<String>)
> >
> > private Collection<Permission> resolveRolePermissions(Collection<String>)
> >
> > because they are used by getPermissions and private
> >
> > private boolean isPermitted(Permission, AuthorizationInfo)
> >
> > because it uses getPermissions
> >
> > protected void checkPermission(Permission, AuthorizationInfo)
> >
> > protected boolean[] isPermitted(List<Permission>, AuthorizationInfo)
> >
> > public boolean isPermitted(PrincipalCollection, Permission)
> >
> > protected boolean isPermittedAll(Collection<Permission>,
> > AuthorizationInfo)
> >
> > because they use isPermitted
> >
> >
> >
> > Can this issue please be fixed for 1.2.2? The changes are binary
> > compatible and small, but would help is a lot.
> >
> >
> >
> > Best regards,
> >
> > Emond Papegaaij