Adam Heath wrote:
> Adrian Crum wrote:
>> By evaluated I mean on a higher level than what you're doing here. I
>> need the *concept* evaluated and commented on. Will this approach to
>> security work? Can we agree on its advantages? Try converting a
>> component over to the new security - was it easier or harder than
>> expected? How will this fit in with your projects? How can it be
>> expanded/improved/made easier?
So, I see a general pattern in these classes, separate push()/pop()
methods, that have to be called correctly. Due to developer error, or
runtime error, it's possible that a pop() might not be called.
I would instead prefer to see this:
T result = Controller.runWith(data, new Callable<T>() {
public T call() throws Exception {
// code
return null;
}
});
runWith can then encapsulate the correct try/catch/finally/push/pop
handling.
ps: OfbizSecurityTransform.execute() should call pushExecutionArtifact
outside of the try, not inside.
