Hi Florian, Thanks for reply.
In case of that the user has no permission to read ACLs the ACL returned could be an empty list or a PermissionDeniedException is thrown. Returning null is really not nice. In this case c) still makes sense. Don't you think so? Regards, Stephan -----Original Message----- From: Florian Müller [mailto:[email protected]] Sent: Dienstag, 6. Juli 2010 13:48 To: [email protected] Subject: RE: API Feedback: OperationalContext (OC) Well, I think it's not that simple. Let's say we would set includeACL to true by default. That would work fine as long as the user has the permission to read the ACL. If not, getObject() throws an exception. So, the user couldn't load the object although he might not be interested in the ACL at all. That's as confusing and more harmful than the current situation. If you need the current ACL use getAcl(boolean onlyBasicPermissions). It fetches the ACL from the repository but does not store it. I propose more education (yes, we need better documentation) and a set of predefined OperationContexts for standard scenarios. - Florian -----Original Message----- From: Klevenz, Stephan [mailto:[email protected]] Sent: Dienstag, 6. Juli 2010 11:01 To: [email protected] Subject: API Feedback: OperationalContext (OC) Hi, For performance optimization a OC was introduced to control all the include and exclude artifacts of backend calls. The default OC assigned to the session has some includes which are set to false by default. For instance Policies and ACLs: public OperationContextImpl() { setFilter(null); setIncludeAcls(false); setIncludeAllowableActions(true); setIncludePolicies(false); setIncludeRelationships(IncludeRelationships.NONE); setRenditionFilter(null); setIncludePathSegments(true); setOrderBy(null); setCacheEnabled(false); generateCacheKey(); setMaxItemsPerPage(100); // default } As a result calls like document.getAcl() simply return NULL. This is error prone and it is also quite hard to find out the reason why the result is null. I think this can be improved by following options: a) set includes by default to true (optimize only if required) b) throw a meaningful exception in case of the artifact is excluded c) load artifact lazy by having an extra call to the backend My favor would be a) and c) or at least c). WDYT? Regards, Stephan
