[jbossseam-issues] [JBoss JIRA] Commented: (JBSEAM-3380) Masks do not work

Vinicius Carvalho (JIRA) jira-events at lists.jboss.org
Fri Sep 5 08:03:38 EDT 2008 

    [ https://jira.jboss.org/jira/browse/JBSEAM-3380?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12428375#action_12428375 ] 

Vinicius Carvalho commented on JBSEAM-3380:
-------------------------------------------

>From what I've seen so far, the problem is on the jpaPermissionStore on the protected List<Permission> listPermissions(Object target, Set<Object> targets, String action) method.

Here goes a few scenarios I've tried:

first: Identity.hasPermission(Author.class,"view")

The method fetches the userPermissions (List userPermissions = permissionQuery.getResultList();)

But when deciding what permissions should be added to the permissions list, on the line 635:

 actionSet = metadata.createActionSet(target.getClass(), 
                  actionProperty.getValue(permission).toString());

since my target is an Author class, clalling its getClass, returns java.lang.Class which does not have any Permission anotation, hence the actionSet is not created properly

Same happens if I use:

Identity.hasPermission("Author","view")

Now, since my object is an String, it will pass an java.lang.String class to the actionset.

So, this is breaking all the permission functionality of the framework :(



> Masks do not work
> -----------------
>
>                 Key: JBSEAM-3380
>                 URL: https://jira.jboss.org/jira/browse/JBSEAM-3380
>             Project: Seam
>          Issue Type: Bug
>    Affects Versions: 2.1.0.BETA1
>            Reporter: Vinicius Carvalho
>
> The masks features for the Permissions do not work at all :(
> For instance, if I have this class:
> @Permissions({
> 	@Permission(action="view",mask=1),
> 	@Permission(action="manage",mask=2)
> })
> public class Author implements Serializable 
> And add a permission with mask =3, would it mean that I have both view and manage permissions.
> But ... :
> Identity.instance().hasPermission(Author.class, "1");
> Returns false. Also, would be really nice if I could:
> Identity.instance().hasPermission(Author.class, "view");
> That doesn't work either :(
> From what I've seen so far it seems that PermissionMetadata and ActionSet are not being correctly initialized. 
> Regards

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the seam-issues mailing list