[Logo] JForum - Powering Communities
  [Search] 搜尋   [Recent Topics] 最新主題   [Hottest Topics] 熱門主題   [Top Downloads] 熱門下載   [Members] 會員列表   [Groups] 回首頁 
[Moderation Log] 管理日誌   [Register] 會員註冊 /  [Login] 登入 


JForum 2.5.0 released, download it from here.
Calrification about permission check in canAccess() method  RSS feed
討論區首頁 » Developer Forum
發表人 內容
Mo3tazElHawary


註冊時間: 2014/11/11
文章: 1
離線
Hi,

I need a clarification about
@ net.jforum.repository.SecurityRepository
public static boolean canAccess(int userId, String roleName, String value) {
return (value != null ? pc.canAccess(roleName, value) : pc.canAccess(roleName)); <------
}
why if the (value == null ) , it calls ( pc.canAccess(roleName))
That causes a bug that if the user don't have a permission (like:perm_create_sticky_announcement_topics)on a forum (A) , but have it on another forum (B), he will get that permission on (A) too
 
討論區首頁 » Developer Forum
前往:   
行動版
Powered by JForum 2.5.0 © 2018 JForum Team • Maintained by Andowson Chang and Ulf Dittmer