jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: svn commit: r1537553 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/accesscontrol/ oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authorization/accesscontrol/ oak-core/src/test/jav...
Date Thu, 31 Oct 2013 18:55:58 GMT
this is public API and i don't want to break existing code. originally
i thought that restrictions will never be multivalued, otherwise i would
have defined the original extension differently (right away with an array).

on the other hand i am sure that a given implementation of the OAK
restriction provider will be very specific on whether a given restriction
can/must be single value or multivalued.

and i decided not to follow your other proposal (using separate interface
for 
the restrictions in jackrabbit-api) and this would lead to major changes
throughout 
the security api just to make it consistent... i felt that this is not
worth
the effort.

kind regards
angela

On 10/31/13 7:34 PM, "Tobias Bocanegra" <tripod@apache.org> wrote:

>Hi,
>
>> --- 
>>jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi
>>/security/authorization/accesscontrol/ImmutableACL.java (original)
>> +++ 
>>jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi
>>/security/authorization/accesscontrol/ImmutableACL.java Thu Oct 31
>>16:54:20 2013
>> @@ -76,6 +76,11 @@ public class ImmutableACL extends Abstra
>>      }
>>
>>      @Override
>> +    public boolean addEntry(Principal principal, Privilege[]
>>privileges, boolean isAllow, Map<String, Value> restrictions,
>>Map<String, Value[]> mvRestrictions) throws AccessControlException {
>> +        throw new AccessControlException("Immutable ACL. Use
>>AccessControlManager#getPolicy or #getApplicablePolicies in order to
>>obtain an modifiable ACL.");
>> +    }
>> +
>> +    @Override
>
>Can't we just use the "Map<String, Value[]> mvRestrictions" argument?
>having both seems a bit awkward. or is there a difference if I specify
>a restriction with an 1 value array or a restriction with 1 value?
>
>
>Regards, Toby


Mime
View raw message