[MGNLSTK-482] STKUtil.currentUserHasOneRole should not modify the user's role collection Created: 15/Oct/09 Updated: 23/Jan/13 Resolved: 12/Feb/10 |
|
| Status: | Closed |
| Project: | Magnolia Standard Templating Kit (closed) |
| Component/s: | base system |
| Affects Version/s: | None |
| Fix Version/s: | 1.3 |
| Type: | Improvement | Priority: | Major |
| Reporter: | Zdenek Skodik | Assignee: | Magnolia International |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Template: |
|
||||
| Acceptance criteria: |
Empty
|
||||
| Date of First Response: | |||||
| Description |
|
currently the STKUtil.currentUserHasOneRole modifies the allRoles collection directly which can lead to loss of roles of logged user. We can use the CollectionUtils.containsAny(allRoles, roles) instead. |
| Comments |
| Comment by Magnolia International [ 12/Feb/10 ] |
|
Done on trunk - there is a slight behaviour change, highlighted by STKUtilTest#testCurrentUserHasOneRoleReturnsTrueIfNoRolesAreRequired. The previous implementation used to return false if no role was required (the collection passed to the method). It now returns true (if no role is required, the user should be allowed) All usages of this method were surrounded by checks to see if the passed collection was not empty, so this change should not have any impact. |