Alon Bar-Lev has posted comments on this change. Change subject: aaa: Remove userId parameter from LogoutUserCommand ......................................................................
Patch Set 1: (1 comment) https://gerrit.ovirt.org/#/c/38403/1/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutBySessionCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutBySessionCommand.java: Line 26 Line 27 Line 28 Line 29 Line 30 not sure I follow, but every command we issue has engine context, and within there is the session id, can't we use this? it is more secure as user will not be able to logout other users. -- To view, visit https://gerrit.ovirt.org/38403 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia33c7dfd908c68ac06b717c0452e3de4564f35a7 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Martin Peřina <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Martin Peřina <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Yevgeny Zaspitsky <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
