Ronald Wildenberg wrote:
> - however, the node numbers for all these nodes are retrieved by asking
> for a field named 'object.number'
> int nodenr = node.getIntValue(((Step)steps.get(j)).getTableName() +
> ".number");
> - the nodes that were returned do not have these fields, since they only
> have fields named 'number', not 'object.number'
You're right that is is not correct. But I don't understand that it yields empty
results.
For the sake of the problem I removed the check function from a security
implementaiton and it seems
that it simply returns every node, unchecked, which is consistent with the code of
BasicCloud:
boolean mayRead = true;
for (int j = 0; mayRead && (j < steps.size()); ++j) {
int nodenr = node.getIntValue(((Step)steps.get(j)).getTableName() + ".number");
if (nodenr != -1) {
mayRead = auth.check(user, nodenr, Operation.READ);
}
}
If it is NodeQuery, there would e.g. be only one step, and the field is 'number', so
node.getIntValue("object.number") would give -1, because this field does not exist.
So, mayRead
remains true.
Btw, there should actually be a break in this loop if mayRead becomes false (you
should not finish the
loop then, because mayREad may become true again then..)..... oops..
Michiel
--
Michiel Meeuwissen mihxil'
Mediacentrum 140 H'sum [] ()
+31 (0)35 6772979 nl_NL eo_XX en_US
