2 Replies Latest reply on Dec 9, 2009 5:39 PM by Shane Bryzak

    Permission mask problem

    francesco milesi Newbie

      Hi everybody.


      I am using Seam 2.2.0.GA. I had the following bean:


      @Name("testManager")
      @Scope(ScopeType.EVENT)
      public class UserManager {
      
              @Restrict
              public String update() {
                      // do something
              }
      }



      Security checks worked fine for target testManager and action update.
      Then I tried to use the @Permission annotation to use a mask (just to experiment). So before @Name I put:


      @Permissions ({
              @Permission(action="update", mask=1)
      })
      



      and in the action database field I substituded '1' to 'update'. The permission is no more given because in JpaPermissionStore.listPermissions, there is the following line



      if (target != null && (action == null || (actionSet != null && actionSet.contains(action))))
      


      and


      actionSet.contains(action) 
      


      is false because action equals update but actionSet contains only an Action with value 1 (my mask.....) and it looks as if the mapping between update and 1 is not resolved.