This stacktrace you are talking about, can you provide me a pointer of anykind so i can look at it? What is the overhead of using such a method.is was more thinking to something like this Cloud cloud = Security.getCloud()
and / or Security.getAnonCloud()
and in Security something like public Cloud getCloud(){ Class class getCallerClass() // via stacktrace or something else //check what security the class may have return (cloud); // :) }
Your aproach makes it possible to invalidate the cloud after a call was made but other than that i see no apparent reason to code like this. if you want to do different things in you class you might have to build a state machine so that runCloud can do different things every time. Or worse you can assing the cloud to a local instance.
Or use a seperate class, which behaves the way you want the have it. (you could define the following innerclass(<-- not a public!!)
class getCloud implements TrustedThing {
private Cloud m_cloud;
Cloud getCloud(String user, String application) {
MMBase.getMMBaseCop().GetAuthorization().runCloud(user,application, this);
return m_cloud;
}
void runCloud(Cloud cloud){
m_cloud = cloud;
}
}I think modules./other classes will want to listen to node changes. Maybe they even only want to listen to changes made by "their" cloud instance so that they can react on it.(invalidate data)Is this listening you are refering to a core thing? then i should sya,.. listen to the core without security and when a change has to be done on the cloud like a certain user,.. do it as this user.
When listening on the cloud(is this possible nowadays?) i would say that when the cloud is invalid, the eventhandler should registrate itselver a gain to a new cloud and start listening again.
A cloud is a wrapper in my vision, so we should use it as a wrapper and not as somekind of caching instance(to much overhead).Yes. pretty nasty :) if you are not programming jsp pages ore a trying to reuse clouds this is not a very nice feature.When the cloud gets invalid, the cloud has to be obtained again, thus meaning that the security has to be checked again (the cloud can be set invalid by the security iirc)
I'd like to look at it as an Connection with the database, since it can also be broken.
hoi
-- Time is on my side,....
Eduard Witteveen +316 414 789 23
