Hello, I add an improvement issue for the creation of a roles interface. I think that it will be preferable to simple take out the final word from the class. If there is still no objections, please let me know and, if you prefer, I will make the necessary changes and provide them to you so that you can validate them (my knowledge of the framework is not enough to make changes without being controlled, even if the changes in this case are simple). Thank you.
Cheers, Nuno -----Original Message----- From: Nuno Pedro Jacinto [mailto:[email protected]] Sent: 07 March 2013 20:34 To: [email protected] Subject: RE: Final class org.apache.wicket.authroles.authorization.strategies.role.Roles Hello, Thank you for your answers. In my case I just need to make a more efficient way to check some roles for specific actions on one of my applications. By being able to extend the Roles I can keep the management of this ones in one class, avoiding having problems on future changes (they will most probably be done by others and we know how hard is to manage the code of others even if it is a small application). Just in case you are wondering, this check is not related with the wicket authorization classes, that part is manage on the standard way. Is for validating the visualization of some data by row content. Does any of you see any inconvenient of requesting this class not to be final or to be an interface so that I can in one class manage all the role permissions? Thank you. Cheers, Nuno -----Original Message----- From: Sebastien [mailto:[email protected]] Sent: 07 March 2013 16:32 To: [email protected] Subject: Re: Final class org.apache.wicket.authroles.authorization.strategies.role.Roles Hi Nuno, Hi Sven Well, I am just curious about the use case (the reason why you want to extend Roles). I think authors (Eelco & Jonathan) had a reason(s) to mark it final. Probably because this class is related to the security and marking it final would prevent a security threat by overriding it and making a "mistake" inside. Furthermore, maybe is it a way to indicates that roles usage/handling should be managed using an IAuthorizationStrategy because it is not the purpose of Roles... Thanks & best regards, Sebastien. On Thu, Mar 7, 2013 at 4:16 PM, Sven Meier <[email protected]> wrote: > I don't see a particular reason. > > Open an issue please. > > Sven > > > On 03/07/2013 10:34 AM, Nuno Pedro Jacinto wrote: > >> Good morning, >> >> Is there a reason why the Roles class is final? >> Thank you. >> >> Cheers, >> Nuno >> > >
