[jira] Commented: (FTPSERVER-185) Methods User#getAuthorities() is not used and should removed from the interface

Mon, 29 Sep 2008 14:13:36 -0700 

    [ 
https://issues.apache.org/jira/browse/FTPSERVER-185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12635535#action_12635535
 ] 

Andrea Francia commented on FTPSERVER-185:
------------------------------------------

If we need let to know is a user is allowed to do something then we can just 
add a 

  boolean isAuthorized(AuthorizationRequest request) 

method to the User interface and let the User implementations like BaseUser 
handle it as they will.

I reported this issue because, during the creation of my User class,  I 
encoutered some problem implementings these getAuthorities() methods as they 
seems designed with the BaseUser implementation in mind.

> Methods User#getAuthorities() is not used and should removed from the 
> interface
> -------------------------------------------------------------------------------
>
>                 Key: FTPSERVER-185
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-185
>             Project: FtpServer
>          Issue Type: Bug
>          Components: Ftplets
>            Reporter: Andrea Francia
>
> As far I understand the User interface should specify how the User 
> implementations should communicates with the ftpserver.
> The ftpserver doesn't known directly if a user is should be authorized to 
> perform a specific action but it delegate this decisione to the User 
> implementation.
> As I can see from the source code the method for determining if a user can 
> perform a specific action is:
> public interface User {
>    AuthorizationRequest authorize(AuthorizationRequest request);
>   ...
> }
> So I don't see the purpose of put in the interface these methods:
>     Authority[] getAuthorities();
>     Authority[] getAuthorities(Class<? extends Authority> clazz);
> These methods are not used by the ftpserver so they should not go in the 
> interface.
> The interface beetween two entities should be keep simple as possible. 
> The getAutorirhies() methods are used only by the specific implementation of 
> User named BaseUser, another implementation of User should be free to choose 
> another method for handling permissions.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to