Hi Shawn, some question regarding page 4.2 - Check access:
wondering if it wouldn't be easier to extend the AccessMgr.checkAccess
method to take more parameters, like :
boolean result = accessMgr.checkAccess( session, objectName,
operationName );
The Permission object you have to create is a bit of a useless burden:
the user knows which object he wants to operate on, and which operation
it wants to apply.
Also why don't we pass the session as a parameter on this call:
AccessMgr accessMgr = AccessMgrFactory.createInstance(session);
instead of
AccessMgr accessMgr = AccessMgrFactory.createInstance();
wdyt?
On 02/08/2022 17:56, Emmanuel Lécharny wrote:
Hi Shawn,
just looking at page "4.2 - Check access" [1], the first line says:
"Perform user RBAC authorization. This function returns a Boolean value
meaning whether the subject of a given session is allowed *not* to
perform a given operation on a given object."
I think it should rather be:
Perform user RBAC authorization. This function returns a Boolean value
meaning whether the subject of a given session is allowed --- to perform
a given operation on a given object.
wdyt?
--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
[email protected] https://www.busit.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
