jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jukka Zitting (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JCR-2910) Please add JackrabbitSession.isAdmin
Date Tue, 08 Mar 2011 13:28:59 GMT

    [ https://issues.apache.org/jira/browse/JCR-2910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13003933#comment-13003933
] 

Jukka Zitting commented on JCR-2910:
------------------------------------

> casting to an implementation

If your code works purely on the JCR API level, then the API should already enforce any access
controls you need. Why do you then need the isAdmin() method?

If you go below the JCR API, then you're already accessing implementation details and using
SessionImpl.isAdmin() shouldn't be a problem.

> Please add JackrabbitSession.isAdmin
> ------------------------------------
>
>                 Key: JCR-2910
>                 URL: https://issues.apache.org/jira/browse/JCR-2910
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>            Reporter: Thomas Mueller
>            Priority: Minor
>
> Currently finding out if the session user is an admin requires:
> JackrabbitSession js = (JackrabbitSession) session;
> User user = ((User) js.getUserManager().getAuthorizable(session.getUserID()));
> boolean isAdmin = user.isAdmin();
> Or: ((SessionImpl) session).isAdmin(). However casting to an implementation is problematic
for several reasons.
> I think it would make sense to add isAdmin() to the JackrabbitSession interface, so the
code above would be:
> ((JackrabbitSession) session).isAdmin()

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message