[jira] [Updated] (WW-4117) RolesInterceptor ignores disallowedRoles when allowedRoles are configured

Cam Morris (JIRA) Wed, 19 Jun 2013 09:21:22 -0700

     [ 
https://issues.apache.org/jira/browse/WW-4117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Cam Morris updated WW-4117:
---------------------------

    Attachment: patch.txt

The attached patch changes the RolesInterceptor.  It includes unit tests for 
how I think RolesInterceptor should behave.  It also includes a solution for 
WW-4118.
                
> RolesInterceptor ignores disallowedRoles when allowedRoles are configured
> -------------------------------------------------------------------------
>
>                 Key: WW-4117
>                 URL: https://issues.apache.org/jira/browse/WW-4117
>             Project: Struts 2
>          Issue Type: Bug
>          Components: Core Interceptors
>            Reporter: Cam Morris
>         Attachments: patch.txt
>
>
> The isAllowed method of RolesInterceptor does not enforce the disallowedRoles 
> when allowedRoles are configured.  ex:
> {code}    
> <interceptor-ref name="roles">
>   <param name="allowedRoles">authenticated</param>
>   <param name="disallowedRoles">restrictedUser</param>
> </interceptor-ref>
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (WW-4117) RolesInterceptor ignores disallowedRoles when allowedRoles are configured

Reply via email to