You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by "Martin Grigorov (JIRA)" <ji...@apache.org> on 2012/06/03 05:09:23 UTC

[jira] [Resolved] (WICKET-4582) wicket-auth-roles cannot be extended/customized without copy/pasting MetaDataRoleAuthorizationStrategy and ActionPermissions

     [ https://issues.apache.org/jira/browse/WICKET-4582?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Grigorov resolved WICKET-4582.
-------------------------------------

       Resolution: Fixed
    Fix Version/s: 1.5.8
                   6.0.0-RC1
         Assignee: Martin Grigorov
    
> wicket-auth-roles cannot be extended/customized without copy/pasting MetaDataRoleAuthorizationStrategy and ActionPermissions
> ----------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WICKET-4582
>                 URL: https://issues.apache.org/jira/browse/WICKET-4582
>             Project: Wicket
>          Issue Type: Improvement
>          Components: wicket-auth-roles
>    Affects Versions: 1.5.5
>            Reporter: Radu Focseneanu
>            Assignee: Martin Grigorov
>            Priority: Minor
>              Labels: security
>             Fix For: 6.0.0-RC1, 1.5.8
>
>   Original Estimate: 0.5h
>  Remaining Estimate: 0.5h
>
> I'm using this module with MetaData Roles for authorizing the render action on components. 
> Because the ActionPermissions class access modifier is package, it can only be used in the same package. If you need to override MetaDataRoleAuthorizationStrategy isActionAuthorized method, you cannot do that in any other package because the metadata key is package and you cannot see it from anywhere else. 
> I ended up copy pasting the whole MetaDataRoleAuthorizationStrategy and ActionPermissions classes instead of extending them. 
> The fix should simply change access to ActionPermissions to public. InstantiationPermissions is public, I don't see why ActionPermissions can't be

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira