But we as the framework don't forget it ! If a developer overwrites isVisible() now then no mather what the developers returns if isRenderedAllowed() returns false then it won't be rendered.
johan On 11/2/07, Igor Vaynberg <[EMAIL PROTECTED]> wrote: > > security is bypassed anyways because most component writers will > forget to do the double check. so neither solution is good. > > -igor > > > On 11/2/07, Johan Compagner <[EMAIL PROTECTED]> wrote: > > > > > > > > > for visibility it is currently: isVisible()&&isRenderAllowed() which > > > makes little sense to me because i have to deal with two concepts: > > > visibility and rendering. from my point of view as a user i dont care > > > to know about rendering, i just want to plop my components down and > > > tweak their visibility. > > > > > > so just introduce an extra final method on component that does just that > > check. > > > > > > when we first introduced this i argued to make isenabled() and > > > isvisible() include the is*allowed() checks, but i didnt win that one > > > back then...but thats another thread. > > > > > > no i still think thats a bad idea, because then isEnabled and isVisible > > must be both final i guess > > because then with simple isVisible override by some developer the > security > > is by passed. > > > > johan > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
