jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thomas Mueller (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JCR-2910) Please add JackrabbitSession.isAdmin()
Date Tue, 08 Mar 2011 14:47:01 GMT

    [ https://issues.apache.org/jira/browse/JCR-2910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13003972#comment-13003972

Thomas Mueller commented on JCR-2910:

> So you want a backup feature that should both work with virtual repositories

No. But it might still be a virtual repository. Plus, as I already wrote, it's not just backup.
There is a lot of code (most of it no my code) that needs this admin check, and it would be
a lot of work to convert everything. From what I know, it's cluster configuration, data store
garbage collection, index configuration, managing storage, managing workspaces, some diagnostic
functions, data store import, some testing and profiling, some LDAP features. All those features
currently check for admin rights in some way. Most of then either use getUserID().equals("admin")
or cast to an implementation class. If you want to convert all that code, please feel free

> SessionImpl.isAdmin

OK, that means the following code wouldn't always work? (((User) js.getUserManager().getAuthorizable(session.getUserID()))

Well, if the only reliable way is SessionImpl.isAdmin(), then let's add JackrabbitSession.isAdmin().
I agree with Felix, getUser() would be nice, and I don't understand how there could be "no"
user. But JackrabbitSession.isAdmin() is OK as well. 

What is definitely *not* ok is:
- casting to implementation, 
- or Session.getUserID().equals("admin"), 
- or requiring to change a lot of code.

> Please add JackrabbitSession.isAdmin()
> --------------------------------------
>                 Key: JCR-2910
>                 URL: https://issues.apache.org/jira/browse/JCR-2910
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>            Reporter: Thomas Mueller
>            Priority: Minor
> Currently finding out if the session user is an admin requires:
> JackrabbitSession js = (JackrabbitSession) session;
> User user = ((User) js.getUserManager().getAuthorizable(session.getUserID()));
> boolean isAdmin = user.isAdmin();
> Or: ((SessionImpl) session).isAdmin(). However casting to an implementation is problematic
for several reasons.
> I think it would make sense to add isAdmin() to the JackrabbitSession interface, so the
code above would be:
> ((JackrabbitSession) session).isAdmin()

This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message