[jira] [Commented] (SHIRO-332) Change access level of method 'isPermitted' in org.apache.shiro.realm.AuthorizingRealm (line 461) from private to protected

[Emond Papegaaij (JIRA)]

    [ 
https://issues.apache.org/jira/browse/SHIRO-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13539955#comment-13539955
 ] 

Emond Papegaaij commented on SHIRO-332:
---------------------------------------

I agree, and the same is true for getPermissions, resolvePermissions and 
resolveRolePermissions, where the last two can be made final. In our 
application, resolving permissions for a role is quite expensive and is not 
something you would want to repeat for every permission check, so I'm trying to 
add caching. This caching should take place in getPermissions, but to change 
that method, I had to copy over 100 lines of code to my subclass, where simply 
overriding getPermissions and delegating to super should have been enough. For 
resolvePermissions and resolveRolePermissions, it's a bit different. It's not 
very likely someone ever needs to change those, but they can be handy in a 
subclass, hence protected final.
                
> Change access level of method  'isPermitted' in  
> org.apache.shiro.realm.AuthorizingRealm  (line 461)  from private to protected
> -------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: SHIRO-332
>                 URL: https://issues.apache.org/jira/browse/SHIRO-332
>             Project: Shiro
>          Issue Type: Improvement
>          Components: Authorization (access control) 
>    Affects Versions: 1.1.0
>            Reporter: clifford harms
>            Priority: Minor
>              Labels: api-change, authorization, authorizing-realm
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> In org.apache.shiro.realm.AuthorizingRealm, line 461, the method     private 
> boolean isPermitted(Permission permission, AuthorizationInfo info)    should 
> have its access level set to protected.  This method is the ideal method to 
> override If a developer wishes to change how a  realm that extends 
> AuthorizingRealm interacts with the AuthorizationInfo when permissions are 
> checked.  This is because all of the  'isPermitted' method overloads delegate 
> the actual permission checking to this method.  As the class stands now, all 
> of the isPermitted overloads have to be  re-implemented as overrides to 
> Authorizing realm in order for the developer to safely change this behavior. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira