[ https://issues.apache.org/jira/browse/JCR-2910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13003921#comment-13003921 ]
Thomas Mueller commented on JCR-2910: ------------------------------------- It's a security issue. Only admin users are allowed to backup the repository, or change the configuration using the GUI. I expect to use this method in quite a few places. Creating a utility method is possible of course, but it would just make things more complicated. > something like session.checkPermission("/", "admin") Which would be very ugly, don't you agree? SessionImpl.isAdmin() is already implemented, why make things more complicated than really necessary? If you like complicated, please explain *why*. > Please add JackrabbitSession.isAdmin > ------------------------------------ > > Key: JCR-2910 > URL: https://issues.apache.org/jira/browse/JCR-2910 > Project: Jackrabbit Content Repository > Issue Type: Improvement > Reporter: Thomas Mueller > Priority: Minor > > Currently finding out if the session user is an admin requires: > JackrabbitSession js = (JackrabbitSession) session; > User user = ((User) js.getUserManager().getAuthorizable(session.getUserID())); > boolean isAdmin = user.isAdmin(); > Or: ((SessionImpl) session).isAdmin(). However casting to an implementation > is problematic for several reasons. > I think it would make sense to add isAdmin() to the JackrabbitSession > interface, so the code above would be: > ((JackrabbitSession) session).isAdmin() -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira