CALL FOR: Cloud.getPossibleContexts() / Authorization.getPossibleContexts()
I a trying to fix a bug that has crawled into 1.8 when we introduced
datatypes. It has to do with the generated dropdown box of the 'owner'
field when you create a new node, or when you try to search for one.
This dropdown box contain possible context for the new node or search.
The expected values should likely be a list of all contexts (depending
the security system used), but right now it only shows one context: the
default context of the user.
To properly solve this bug, it becomes necessary to add a
'getPossibleContexts' method to both the Authorization abstract class
and the bridge Cloud object (and it's basic implementation).
Below are the diffs for these classes, and for the
SecurityContextDatatype class.
The default implementation does the same as the current system (only
returns the user's default context), but security implementations can
change the method to return other values (appropriate to the user, if
needed).
Since this is a change in the bridge, this would require a vote.
Since I can imagine people would rather not change the bridge in 1.8, I
ask you to vote for inclusion in 1.8 and 1.9 seperately.
START OF VOTING: 2006-09-04 11:30
END OF CALL: 2006-09-07 11:30
[_] +1 (YES, in 1.8 and 1.9)
[_] +1 (YES, in 1.9 only)
[_] +0 (ABSTAIN)
[_] -1 (NO), because :
[_] VETO, because :
Code Diffs:
diff -r1.23 Authorization.java
11a12,14
> import java.util.Set;
> import java.util.HashSet;
>
14d16
< import java.util.Set;
166a169,184
> * This method could be overrided by an extending class.
> * This method returns a list of contexts availabel to a
user when creating or searching for an object.
> * The default implementation returns only the user's own
default context.
> * @param user The UserContext, containing the information
> * about the user.
> * @return a <code>Set</code> of <code>String</code>s which
> * represent a context in readable form..
> * @exception SecurityException
> */
> public Set getPossibleContexts(UserContext user) throws
SecurityException {
> Set contexts = new HashSet();
> contexts.add(user.getOwnerField());
> return contexts;
> }
>
> /**
diff -r1.58 Cloud.java
592c592
<
---
>
649a650,658
> /**
> * Contacts the security implementation to find out to which
possible contexts are
> * available to the current user.
> *
> * @return A StringList containing the contexts which can be used
by teh suer
> * @throws SecurityException When appropriate rights to perform
this are lacking (read rights)
> */
> public StringList getPossibleContexts();
>
diff -r1.161 BasicCloud.java
755a756,759
> public StringList getPossibleContexts() {
> return new
BasicStringList(mmbaseCop.getAuthorization().getPossibleContexts(getUser()));
> }
>
diff -r1.4 SecurityContextDataType.java
38,69c38,51
<
< if (node == null) {
< return new Iterator() {
< private boolean next = true;
< public boolean hasNext() {
< return next;
< }
< public Object next() {
< String defaultContext =
cloud.getUser().getOwnerField();
< next = false;
< return new Entry(defaultContext, defaultContext);
< }
< public void remove() {
< throw new UnsupportedOperationException();
< }
< };
< } else {
< String value = field != null ?
node.getStringValue(field.getName()) : null;
< return new Iterator() {
< StringIterator i =
node.getPossibleContexts().stringIterator();
< public boolean hasNext() {
< return i.hasNext();
< }
< public Object next() {
< String val = i.nextString();
< return new Entry(val, val);
< }
< public void remove() {
< throw new UnsupportedOperationException();
< }
< };
< }
---
> return new Iterator() {
> StringList list = node == null ?
cloud.getPossibleContexts() : node.getPossibleContexts();
> StringIterator iterator = list.stringIterator();
> public boolean hasNext() {
> return iterator.hasNext();
> }
> public Object next() {
> String val = iterator.nextString();
> return new Entry(val, val);
> }
> public void remove() {
> throw new UnsupportedOperationException();
> }
> };
--
Pierre van Rooden
Mediapark, C 107 tel. +31 (0)35 6772815
"Hard work may pay off in the long run, but laziness always pays off
right now."
_______________________________________________
Developers mailing list
Developers@lists.mmbase.org
http://lists.mmbase.org/mailman/listinfo/developers