[ 
https://issues.apache.org/jira/browse/JCR-2910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13003987#comment-13003987
 ] 

Jukka Zitting commented on JCR-2910:
------------------------------------

> a lot of code

That's not a good reason to introduce flawed design. The issue description 
already outlines two workarounds that currently work with three or just one 
line of code. They have similar problems as the proposed isAdmin() method, 
but at least they don't require changes to public API. As a longer term 
solution we should get rid of such sloppy administration features and make them 
proper parts of the repository implementation.

What I'm trying to avoid here is encouraging client code like this:

    if (session.isAdmin()) {
        doSomethingThatOnlyAdminsAreAllowedToDo();
    }

It's too easy to accidentally or on purpose forget the isAdmin() call from 
above, in which case you have an instant security issue.

The above code is perfectly fine within the implementation (and is also how our 
normal access controls fundamentally work), but should not be used at the 
client level. To borrow the Unix example, no Unix system allows a backup 
program to access all system data just on the assumption that the program 
should first check the geteuid() return value.


> Please add JackrabbitSession.isAdmin()
> --------------------------------------
>
>                 Key: JCR-2910
>                 URL: https://issues.apache.org/jira/browse/JCR-2910
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>            Reporter: Thomas Mueller
>            Priority: Minor
>
> Currently finding out if the session user is an admin requires:
> JackrabbitSession js = (JackrabbitSession) session;
> User user = ((User) js.getUserManager().getAuthorizable(session.getUserID()));
> boolean isAdmin = user.isAdmin();
> Or: ((SessionImpl) session).isAdmin(). However casting to an implementation 
> is problematic for several reasons.
> I think it would make sense to add isAdmin() to the JackrabbitSession 
> interface, so the code above would be:
> ((JackrabbitSession) session).isAdmin()

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
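
The distinction drawn in the comment above, between a client-side isAdmin() check and a check enforced inside the implementation, shown as an added example that is not part of the original message or of Jackrabbit's code. All types and methods here (Session, Repository, purge, purgeUnchecked, AccessDenied) are hypothetical stand-ins, and the user and paths are constructed sample values.

```java
import java.util.ArrayList;
import java.util.List;

// Hypothetical toy types for illustration; these are not Jackrabbit classes.
public class EnforcementDemo {

    static class AccessDenied extends RuntimeException {
        AccessDenied(String msg) { super(msg); }
    }

    static final class Session {
        private final String userId;
        private final boolean admin;
        Session(String userId, boolean admin) { this.userId = userId; this.admin = admin; }
        boolean isAdmin() { return admin; }   // advisory only: nothing forces callers to ask
        String getUserId() { return userId; }
    }

    static final class Repository {
        private final List<String> purged = new ArrayList<>();

        // Advisory design: the operation trusts every caller to have checked isAdmin() first.
        void purgeUnchecked(Session s, String path) {
            purged.add(path);
        }

        // Enforced design: the check sits next to the privileged action and cannot be skipped.
        void purge(Session s, String path) {
            if (!s.isAdmin()) {
                throw new AccessDenied(s.getUserId() + " may not purge " + path);
            }
            purged.add(path);
        }

        List<String> purged() { return purged; }
    }

    public static void main(String[] args) {
        Repository repo = new Repository();
        Session guest = new Session("guest", false);   // constructed sample user

        // A client that forgot the isAdmin() guard: the advisory design lets it through.
        repo.purgeUnchecked(guest, "/content/a");
        System.out.println("advisory design purged: " + repo.purged());

        // The same forgetful client against the enforced design is refused.
        try {
            repo.purge(guest, "/content/b");
        } catch (AccessDenied e) {
            System.out.println("enforced design refused: " + e.getMessage());
        }
        System.out.println("final state: " + repo.purged());
    }
}
```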
