Jason van Zyl wrote:
> Rafal, in the TurbineSecurity.getRole(name) it doesn't
> appear in the underlying code that the permissions
> are set for a role?
>
> BaseSecurityService.getRole(name) does not call
>
> role.setPermissions(getPermissions(role));
>
> So the permissions are not set when a role
> is retrieved. Was this intentional? I think
> the permissions for a role should be set.
>
It's a leftover from the old system. It is not used during
permission checking process by the AccessControlList class.
We might either remove the properties collection from the
Role, or put the references in there, as you are suggesting
as a convenience feature (I assume that you find it useful
in the admin app, am I right?).
thanks,
Rafal
--
Rafal Krzewski
Senior Internet Developer
mailto:[EMAIL PROTECTED]
+48 22 8534830 http://e-point.pl
------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Search: <http://www.mail-archive.com/turbine%40list.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
