[MGNLSTK-482] STKUtil.currentUserHasOneRole should not modify the user's role collection Created: 15/Oct/09  Updated: 23/Jan/13  Resolved: 12/Feb/10

Status: Closed
Project: Magnolia Standard Templating Kit (closed)
Component/s: base system
Affects Version/s: None
Fix Version/s: 1.3

Type: Improvement Priority: Major
Reporter: Zdenek Skodik Assignee: Magnolia International
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Cloners
Template:
Acceptance criteria:
Empty
Date of First Response:

 Description   

currently the STKUtil.currentUserHasOneRole modifies the allRoles collection directly which can lead to loss of roles of logged user. We can use the CollectionUtils.containsAny(allRoles, roles) instead.



 Comments   
Comment by Magnolia International [ 12/Feb/10 ]

Done on trunk - there is a slight behaviour change, highlighted by STKUtilTest#testCurrentUserHasOneRoleReturnsTrueIfNoRolesAreRequired.

The previous implementation used to return false if no role was required (the collection passed to the method). It now returns true (if no role is required, the user should be allowed)

All usages of this method were surrounded by checks to see if the passed collection was not empty, so this change should not have any impact.

Generated at Mon Feb 12 07:27:27 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.