[jboss-jira] [JBoss JIRA] (WFLY-1789) RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call
Ladislav Thon (JIRA)
jira-events at lists.jboss.org
Wed Jul 31 09:37:26 EDT 2013
[ https://issues.jboss.org/browse/WFLY-1789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12794232#comment-12794232 ]
Ladislav Thon commented on WFLY-1789:
-------------------------------------
I remember discussing this with Brian, but I see that the TODO is still in the code. So I'm leaving this open and assigned to Brian.
> RBAC: OperationContextImpl.readResourceForUpdate is missing an authorize call
> -----------------------------------------------------------------------------
>
> Key: WFLY-1789
> URL: https://issues.jboss.org/browse/WFLY-1789
> Project: WildFly
> Issue Type: Feature Request
> Components: Domain Management
> Reporter: Ladislav Thon
> Assignee: Brian Stansberry
>
> [This issue was in fact found on 2013-07-09 and is being filled now only for tracking purposes.]
> During code inspection, I found one method in the {{OperationContextImpl}} class that is IMHO missing an {{authorize}} call: {{readResourceForUpdate}}. Compare with {{readModelForUpdate}}. See TODO in the code.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list