Niklas,
What do you think about making User more basic, ie, more abstract,
having only one method such as getEnabled(). Then push everything else
up higher, like the Authority[]. This way we can allow other User-code
styles that may not use the those mappings or approaches. In other
words keep the interface very basic.
There are many different styles or flavors of "User" implementations,
one for example could be based on nss/pam or another which uses a
database where these current default User can cause a problem(s).
Some-what related is the concept of how different file systems handle
home directories, the native one wants one, but many virtual file
systems do not. Unfortunately that "baggage" comes along with the base
User interface, regardless if it's implemented or not.
The other benefit of making the User class more basic is that we can
clearly split out authentication and authorization. These are related
but not the same, and the default User should not define them. Leave
this up to a higher class such as BaseUser or a user's custom User
implementation. Keeping in mind that authentication asks the question
"Who are you?" and authorization asks the question "Okay, I know who you
are, now what are you allowed to do?". So keep the authentication and
authorization in separate interfaces, and do not make them mandatory in
the base User class.
Also keep in mind that even the concept of a user name is different. For
some user name means the login name, for others the persons full name,
and yet for others it may only be the first or last name. So specifying
any type of user name in the base User class is probably not a good
idea. Leave the user name definition to a higher level class.
While it is possible to create a "super" User interface that extends
other interfaces, this is not really a good idea for other reasons. It
too would eventually lock the code to an implementation that may not be
desirable in the future. Best to keep things separate, then join them at
the implementation class.
Proposed Basic User Interface
--------------------
public interface User {
boolean getEnabled();
}
Example: Users Implementation
-----------------------------------
public class MyVirtualUser implements
User,MyAuthentication,MyAuthorization {
...
MySession getSession() {
return this.mySession;
}
int getUid() {
return this.uid;
}
boolean getEnabled() {
return this.isEnabled;
}
...
}
Example: In the FileSystemManager
------------------------
public FileSystemView createFileSystemView(User user) {
MyVirtualUser myUser (MyVirtualUser) user;
if (myUser.getEnabled) {
MySession session = myUser.getSession();
int uid = myUser.getUid();
...
}
}
What do you think, just keep the User interface very basic, one method only?
Andy Thomson
