You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@turbine.apache.org by Ignacio Renuncio <ig...@coverlink.com> on 2002/09/14 16:44:30 UTC

Possible bug in fulcrum-3.0-b2 security service??

Hi everybody.

I use the Fulcrum security service in one application I'm currently
developing, and it does a great job storing Users, Passwords and checking
Permissions, but I've found what it seems to be a bug and I would like
somebody to check this code and confirm or deny the existence of the bug.

The task which shows an abnormal behaviour is a method which iterates all of
the Roles and, for each Role, obtains all of the Permissions assigned to it.

The Java code is as follows:

public static void buggyCode() {
    System.out.println("Iterating thru all of the available Roles:");
    try {
      RoleSet roles = Configuracion.ssFulcrum.getAllRoles();
      Iterator iteratorRoles = roles.elements();
      System.out.println("Number of roles: " + roles.size());
      while (iteratorRoles.hasNext()) {
        Role role = (Role) iteratorRoles.next(); // (a) BUGGY CODE ??
        // role = Configuracion.ssFulcrum.getRole(role.getName()); // ---
(b) PATCH !!
        System.out.println("Role: " + role.getName());
        PermissionSet set = role.getPermissions();
        Iterator it = set.elements();
        while (it.hasNext()) {
          Permission perm = (Permission) it.next();
          System.out.println("Permission: " + perm.getName());
        }
      }
    } catch (DataBackendException dbe) {
      System.err.println("Error: " + dbe);
    } catch (Exception e) {
      System.err.println("Error: " + e);
    }
}

(FYI, Configuracion.ssFulcrum is a properly obtained instance of the
SecurityService)


Well, the code has two problematic lines marked as (a) and (b). The first
iterator behaves normally, but when I reach (a), 'role' is not assigned the
correct value. Every obtained role that way has a --null PermissionSet--.

So, the "Role role = (Role) iteratorRoles.next();" line assigns a Role which
seems to be valid BUT whose PermissionSet is always null.

If I uncomment the (b) line and I assign the role again with
"getRole(role.getName())", the role is apparently assigned the same value
AND this time its PermissionSet has the right value.

Can anybody please take a look at the code and tell me if it's a bug??
Has it been fixed in a newer release??



Thank you very much.

---
Ignacio Renuncio
ignacio.renuncio@coverlink.com



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>