Closed GoogleCodeExporter closed 9 years ago
Here's the patch to apply for secureDispatch.
I'll be working on a three way system like I've explained (Normal, Secure,
Admin) and
submit a patch for that. I'll work on a permission system working with Secure
or/and
Admin if activated. A system where you can bind place with right to a specific
user.
Since gwtp is tyed togeter, I think that will be a really nice feature to add.
Alors, for
my work project, it's something asked by my supervisor, so I'll be working on
that in
the next month or so.
In meantime, it will really help me if you accept this patch :)
Original comment by goudreau...@gmail.com
on 24 Mar 2010 at 1:28
Attachments:
To tell you the truth, I haven't spent too much time looking at the secure
dispatch
code.
I'm not a big fan of hardcoding paths like "dispatch" or "secureDispatch"
inside
platform. This should really be a user decision I think. Same thing for the
number of
available services.
For the moment, I'm happy to apply your patch, but it's probably something I'll
want
to revisit later. See Issue 89.
Original comment by philippe.beaudoin
on 24 Mar 2010 at 4:45
I didn't think about that a lot, but in that case I think we can simply remove
the
hardcoded path from gwtp. With issue 69, the user can specify a base path +
action and
then we can simply configure this in the user filter.
That will completely remove any hardcoded path ! Anyway, are you interested by
the
other things that I've proposed ?
Original comment by goudreau...@gmail.com
on 24 Mar 2010 at 5:08
Re: More than two context
Shouldn't the user be responsible for creating as many contexts as he wants? Is
there
something preventing this in the current design?
Original comment by philippe.beaudoin
on 24 Mar 2010 at 5:15
- Is there
something preventing this in the current design?
No, nothing at all, but the hardcoded path that we spoke about.
- Shouldn't the user be responsible for creating as many contexts as he wants?
The user can always be responsible for whatever he wants. I only think that a
good,
robust and flexible user rights api built in GwT-P could be something useful
since it
can be reused easily and it's always something that come up when you start
asking
yourself how your users will interact with your app.
Note that I propose something non mandatory, the user will still be able to
implement their own implementation. It's still in incubation in my mind, but I
think
I'll come up with something really useful.
Original comment by goudreau...@gmail.com
on 24 Mar 2010 at 6:21
I admit I haven't started figuring out security concerns in PuzzleBazar. Maybe
there
truly is a "best practice" solution that should be encouraged by gwtp. I'll
definitely
consider that. Meanwhile, your patch has landed in r159.
Original comment by philippe.beaudoin
on 24 Mar 2010 at 6:57
Moved to GWTP:
http://code.google.com/p/gwt-platform/issues/detail?id=9
Original comment by philippe.beaudoin
on 27 Mar 2010 at 6:02
Original issue reported on code.google.com by
goudreau...@gmail.com
on 23 Mar 2010 at 5:34