What I would want to is annotate the properties to say whether the
getter/setter should be autogenerated, that way it leaves control to
the developer. I like the idea of the addition of a roles check for
authorization to call specific setters/getters.
Also, is the autogenerated setter/getter secure? Remember, java
passes by value... the value is a reference to the original object
except for primitive types, in which case it is a copy of the
primitive (e.g. String). So for object references, if I use the
getter to get a CFC reference (e.g. myFoo.getBar() returns a Bar CFC),
and then modify a property of that CFC using its setter (e.g.
bar.setFooBarBlah("blah...")) ... did I just modify the private
instance of bar that is held by Foo? This can result in some pretty
interesting vulnerabilities... (Yes, this is probably overkill, but
why not enquire...)
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Great spirits have often encountered violent opposition from weak
minds."
--Einstein
On Jun 18, 2008, at 2:33 PM, Cameron Childress wrote:
These sorts of questions are why people participate in alpha/beta
programs. These are all points which should be brought up and aired
out WAY before the final bits ship. Some thoughts come to mind....
1) Add "access" attributes to cfproperty for public/private
2) Add "roles" attribute for authorization
3) Override anything that required more complex logic
4) Type attribute already exists in cfproperty, implicit getter setter
could check types based on that
These already exist in other areas of CF. Would be intuitive to add
them.
This is pretty much how ActionScript 3 works BTW.
-Cameron
On Wed, Jun 18, 2008 at 12:01 PM, Dean H. Saxe
<[EMAIL PROTECTED]> wrote:
Which of course sucks if you want encapsulation and limits on the
setters/getters based on authorization. Is this controllable in some
manner?
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"Free speech exercised both individually and through a free press,
is a
necessity in any country where people are themselves free."
-- Theodore Roosevelt, 1918
On Jun 18, 2008, at 10:39 AM, Douglas Knudsen wrote:
"Implicit getters/setters
The cfproperty will generate the implicit getters and setters on the
backend to save you from writing the code."
nice! Was overriding mentioned for these?
DK
On Wed, Jun 18, 2008 at 10:28 AM, John Mason
<[EMAIL PROTECTED]> wrote:
I just posted my notes from the keynote this morning at my blog,
www.codfusion.com The keynote covered a lot of new features
coming in the
next release of Coldfusion.
John Mason
[EMAIL PROTECTED]
770.337.8363
www.FusionLink.com - ColdFusion and Flex hosting
Now offering VPS Plans running with VMware technology
Now offering ColdFusion 8 Enterprise hosting
FREE Subversion hosting
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
--
Douglas Knudsen
http://www.cubicleman.com
this is my signature, like it?
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
-------------------------------------------------------------
To unsubscribe from this list, manage your profile
@http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
--
Cameron Childress
Sumo Consulting Inc
http://www.sumoc.com
---
cell: 678.637.5072
aim: cameroncf
email: [EMAIL PROTECTED]
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
-------------------------------------------------------------
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------