jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Waschkowski" <mwaschkow...@gmail.com>
Subject re:public review of 283 - checkPermission
Date Thu, 26 Jul 2007 13:57:24 GMT
According to 4.9.2 of the spec:
"void checkPermission(String absPath, String actions)
Determines whether this Session has permission to perform the
specified actions at the specified absPath. This method quietly returns
if the access request is permitted, or throws a suitable
java.security.AccessControlException otherwise. "

This method forces a checked exception approach to access control checking
that I find awkward. Many debates have gone on re:checked vs unchecked
exception, but this method looks strange for a number of reasons:
1) the method is called 'checkPermission', so during checking I wouldn't
expect that an AccessControlException is thrown, I would only expect that
exception to be thrown if the system was trying to actually *carry out* an
action of some kind that wasn't allowed, but *not* while simply checking.
2) the method returns void. Why not just return a boolean? Its clearer,
doesn't require as much coding (no try catch), and doesn't force an
exception approach on the caller.

Suggestion:
Deprecate the current method and add in a new method called isPermissable
(that returns a boolean, and no exception) which is a bit more standard
through the use of the 'isXxxx' naming convention.

Best,

Mark

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message