[Opensource] Bug in DBController?
Malcolm Wise
malcolm.wise at sde.eu.sony.com
Mon Nov 25 06:17:10 PST 2002
Hi,
I think I've found a bug in DBController.stateAllowed(). I'm making a call
to DBController.stateAllowed() to ensure a user has access. For the user in
question, they do not have access to this particular state but they do have
access to other states within the Controller, so the call to
containsAllowedState() returns false. The following check appears near the
end of the stateAllowed method:
if (!allowed) {
addCachedSecurity(myRequest.getUid(), myRequest.getDBName(),
getClass().getName(), "");
// DelayThread.delay();
if (log.isDebugEnabled()) {
log.debug("User " + myRequest.getUid() +
" denied all states in " +
getClass().getName() +
" in db '" + myRequest.getDBName() + "'");
}
}
which means an entry for the user/controller is added to the cache with no
allowed states for that Controller. When I subsequently call
DBController.stateAllowed() for the state which they should have access to,
the entry in the cache is checked and I get a 'not authorised' message.
I've worked around it by commenting out the code above.
Cheers,
Malcolm Wise
Technology Manager
Sony Semiconductor & Electronic Solutions
Tel. +44(0)1256 388864
http://www.semiconductor.sony-europe.com
*************************************************************************
The information contained in this message or any of its
attachments may be privileged and confidential and intended
for the exclusive use of the addressee. If you are not the
addressee any disclosure, reproduction, distribution or other
dissemination or use of this communication is strictly prohibited
*************************************************************************
More information about the Opensource
mailing list