-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Protect by id and type of entity #186
Conversation
Although the title seems to be missing something, this PR adds a nice new flexibility! |
} | ||
|
||
// if we could not find an exact match, we'll try to use the "next best" | ||
// from the entity hierarchy |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will possibly give you true for a class that isn't the best choice, right?
Consider:
A.java (With a matching DAO)
⇧
B.java (With a matching DAO)
⇧
C.java (With a matching DAO)
⇧
D.java (No DAO)
If entityClass is an instance of D
, we'll drop here, as we do not have a direct dao-match. The best bet for a dao would be the C-Dao
, but when we iterate, isAssignableFrom
will be true for any of the parent classes (btw. their daos). We might end up with the not-well-suited A-Dao, for example.
Did I understand this correctly? Amnd if so, can getSuperclass()
help? We could then factor ot the doa finding into a small methdi that we could call reapeatedly unto i we actually have the best bet. What do you think?
Pleas give this PR a better title and also please take the time to think about the longer remark I added to the diff. Regardless of whether you take the suggestion, this is good to go IMO. Thanks @buehner. Please merge at will (taking or ignoring my suggestion). |
Yes. You're right @marcjansen But this will probably never be a "real" problem as we only need a DAO to call So i will merge this PR now and open a new issue to adress your proposal. |
I just opened #187 |
This PR introduces an implementation of the
which is based on the ID and the type of a target entity.
The implementation provided here searches for a matching DAO, retrieves the entity from the database and simply calls the (existing) implementation of
hasPermission
with the object.Two methods in the
MapService
and theLayerGroupService
now make use of the new implementation.Please review