[ELY-806] missing Permission parameters handling #592
Conversation
| @@ -435,13 +435,19 @@ public static Permission createPermission(final Class<? extends Permission> perm | |||
| } | |||
| } | |||
| try { | |||
| if (twoArg != null) { | |||
| if (twoArg != null && name != null && actions != null) { | |||
There was a problem hiding this comment.
Normally it's OK to call a permission constructor with no name or actions, and sometimes the two-arg constructor is the only one available even if the permission type ignores the arguments.
Is there a failure case here?
There was a problem hiding this comment.
Well that is problem... in such case I will not obtain info that the problem is in missing argument (or which one?)...
There was a problem hiding this comment.
Only the permission implementation class can know what arguments are required or what their constraints are, unfortunately.
There was a problem hiding this comment.
Can we rely that IllegalArgumentException is thrown at least?
(If not, I think it will be better to close this issue without fix as not fixable then exception hacking...)
There was a problem hiding this comment.
Unfortunately no. Some classes may throw NPE - deliberately or accidentially.
| * | ||
| * @author <a href="mailto:jkalina@redhat.com">Jan Kalina</a> | ||
| */ | ||
| public class InvalidNamedArgumentException extends IllegalArgumentException { |
There was a problem hiding this comment.
I don't like this too much. I'd prefer to rely on localized error messages instead, unless there's something that can be done about the exception by automated code.
There was a problem hiding this comment.
The reason is automatic rewriting of permission constructor argument name (like "name") to subsystem resource attribute ("target-name") when catching and rethrowing in subsystem.
https://issues.jboss.org/browse/ELY-806
Related subsystem part: wildfly-security/elytron-subsystem#319