SEC-863: hierarchical roles should use the interface GrantedAuthority #1118

Closed
spring-issuemaster opened this Issue Jun 2, 2008 · 2 comments

1 participant

@spring-issuemaster

Matthias Koch (Migrated from SEC-863) said:

for using a own implementation of GrantedAuthority,

RoleHierarchyImpl should be changed to use the interface GrantedAuthority with getAuthority() to insert and lookup the keys.

otherwise all own implementations of GrantedAuthority will not work with hierarchical roles.

thank you verry much

mfg Gideon

@spring-issuemaster

Georgy Bolyuba said:

This should fix the problem the way I see it. We cannot work with collections directly, so, I wrap calls to reachableRoles.add() and rolesReachableInOneOrMoreSteps.get(). First a search by authority key is done.

This will work as far as implementation of AccessDecisionVoter does only key (aka authority.getAuthority() ) comparison and does not care about class of GrantedAuthority implementation passed to it.

@spring-issuemaster

Luke Taylor said:

Thanks a lot for the patch. I've applied it as it stands with the exception that I used an anonymous class instead of a custom mock GrantedAuthority implementation. Tests pass OK.

@spring-issuemaster spring-issuemaster added this to the 3.0.0 M1 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment