BUG: PermissionMetadata doesn't honor @Permission

viviansteller.vivian.steller.uni-ulm.de May 8, 2009 2:29 PM

Hey there,

I think I found a little (not security critical) bug in PermissionMetadata as the method public List<String> listAllowableActions(Class targetClass) of that class doesn't return actions applied through a single @Permission(action = "..."). However, it does so for @Permission annotations wrapped in @Permissions (note the slight but important difference in the suffix -s ;) ).

More precisely the method private synchronized void initClassActions(Class cls) of PermissionMetadata doesn't do its job well:

...
Permissions p = (Permissions) cls.getAnnotation(Permissions.class);
if (p != null)
{
...
}

return...

So it doesn't take a single @Permission into account at all.

Shall I open a JIRA issue for that?
At least from my findings, there is no issue yet.

If you need more info, please let me know. Thanks!

1. Re: BUG: PermissionMetadata doesn't honor @Permission

viviansteller.vivian.steller.uni-ulm.de May 8, 2009 2:31 PM (in response to viviansteller.vivian.steller.uni-ulm.de)

BTW. forgot to mention: Seam version is 2.1.2.CR1
Actions
2. Re: BUG: PermissionMetadata doesn't honor @Permission

shane.bryzak May 9, 2009 12:02 AM (in response to viviansteller.vivian.steller.uni-ulm.de)

Please open a JIRA issue, it should probably do this.
Actions

Go to original post