Uploaded image for project: 'DSpace'
  1. DSpace
  2. DS-84

Improve API for "IgnoreAuthorization" blocks - ID: 1687783

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.5.1
    • Fix Version/s: 1.5.2
    • Component/s: DSpace API
    • Labels:
      None
    • Attachments:
      0
    • Comments:
      0

      Description

      The bug fix 1480496 (Cannot turn off "ignore authorization" flag!)
      has shown that the authorization method setIgnoreAuthorization() is not
      friendly. In fact if we have two blocks that require authorization check
      to false and these blocks are nested, as in the following example:
      ...[some java code here]...
      setIgnoreAuthorization(true) // start of first block
      ---my first block without authorization check
      ---my first block without authorization check
      ---my first block without authorization check
      ------setIgnoreAuthorization(true) // start of second block
      ------my second block without authorization check
      ------my second block without authorization check
      ------my second block without authorization check
      ------setIgnoreAuthorization(false) // end of second block
      ---other code in first block
      setIgnoreAuthorization(false) // end of first block
      ...
      the "other code in first block" is executed with authorization check and
      does not work. It will be really too easy to come up with this situation
      (actually possible for my patch automapper) with the new code called by
      the Event System, so it should be fixed.
      The simple solution, implemented in this patch, is to store the previous
      state of authorization check
      before changing it, and to restore it at the end of the "special" block.
      This patch:
      1) add two methods: TurnOffAuthorizationSystem /
      RestoreAuthorizationSystem, with some code that can also be useful when the
      debug is on to see "malformed" (XML-like) authorization blocks (thanks to
      James Rutherford for some useful suggestions);
      2) set the setIgnoreAuthoritation methods to deprecated.
      3) refactor any call to setIgnoreAuthorization in dspace code to use the
      new methods

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            bollini Andrea Bollini (4Science)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: