[
https://issues.apache.org/jira/browse/RAVE-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13143306#comment-13143306
]
Anthony Carlucci commented on RAVE-331:
---------------------------------------
Yes, an admin gets all permissions in the Default[Model]PermissionEvaluators
the way they are coded right now. The parent
AbstractModelPermissionEvaluator#hasPermission function checks to see if the
user is an admin, which superseeds all other permission checks.
Just to clarify - are you going to create the isRegistered function or did you
want me to do it (fine either way)
> Error when trying to upload a duplicate gadget url to widget store
> ------------------------------------------------------------------
>
> Key: RAVE-331
> URL: https://issues.apache.org/jira/browse/RAVE-331
> Project: Rave
> Issue Type: Bug
> Affects Versions: 0.5-INCUBATING
> Reporter: Anthony Carlucci
> Assignee: Anthony Carlucci
> Priority: Minor
> Fix For: 0.6-INCUBATING
>
> Attachments: stacktrace.log
>
>
> How to Reproduce
> --------------------------
> 1) Login to Rave as any user
> 2) Upload a gadget to the widget store - verify it was added successfully
> 3) Go back and try to add the same gadget url again
> 4) You will see the standard "rave has suffered a brief meltdown" page
> The issue is that the DefaultWidgetService.registerNewWidget function returns
> a null Widget object if it finds the URL already in the system. The
> RavePermissionEvaluator.hasPermission functions are not properly dealing with
> potential null objects and thus a NPE is thrown.
> How to Fix
> ----------------
> 1) Improve the RavePermissionEvaluator.hasPermission methods to check for and
> safely handle possible null objects.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
