[magnolia-dev] [JIRA] Created: (MAGNOLIA-3147) MgnlUser, MgnlGroup, MgnlRole and their managers should not save implicitely OR it should be possible to give them a specific hierarchy manager OR

Thu, 18 Mar 2010 10:25:35 -0700 

MgnlUser, MgnlGroup, MgnlRole and their managers should not save implicitely OR 
it should be possible to give them a specific hierarchy manager OR 
---------------------------------------------------------------------------------------------------------------------------------------------------

                 Key: MAGNOLIA-3147
                 URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-3147
             Project: Magnolia
          Issue Type: Improvement
          Components: core, modulemechanism, security
            Reporter: Grégory Joseph
            Assignee: Philipp Bärfuss
             Fix For: 4.3.x
         Attachments: user_task_does_not_save.patch

Several approaches to consider, not all of them necessarily exclusive

* module mechanism could swap the context for the entire process such that only 
read-only HierarchyManager are available
* InstallContext.getHierarchyManager and .get*Node() should provide read-only 
HMs and nodes
* MgnlGroup and associate classes could use the current context (they currently 
use, in part the system context, see notes below)
* the various addRole*, addGroup, addPermission tasks could also work around 
this (see attached patch for a draft/idea)

The classes of i.m.cms.security use a mixture of system and current context. 
They currently use this for 2 reasons: 1) bypass security; it's probably "ok" 
for reading, but not such a good idea for write method. In cases where this is 
needed, we now have the {{doInSystemContext}} approach which could help. 2) 
checking for "duplicates": when adding roles to groups or users, we do {{ 
String newName = Path.getUniqueLabel(sysHM, node.getHandle(), "0");}} to name 
the property into which the added group or role's uuid is saved and avoid 
confict. One possibility for this would be to simply use the uuid as the 
property name as well (would definitely avoid conflicts).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira



----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------

Reply via email to