Permission revocation [message #1069912] |
Tue, 16 July 2013 21:37 |
Boy D'Poy Messages: 67 Registered: October 2011 |
Member |
|
|
Hi!
How could one for example at closing session time revoke all permissions of the current user, since the proxy implementation of IAccessControlService is nop at clearCacheOfUserIds(String... userIds)?
Once You Go Scout, You Never Come Out!
|
|
|
Re: Permission revocation [message #1070317 is a reply to message #1069912] |
Wed, 17 July 2013 18:15 |
Boy D'Poy Messages: 67 Registered: October 2011 |
Member |
|
|
Ok, I found the solution,
one should do something like this in AbstractClientSession :
@Override
protected void execStoreSession() throws ProcessingException {
...
SERVICES.getService(IAccessControlService.class).clearCache();// Proxy call!
...
}
The clearCache() call will just clear the currentUser's cache and then afterwards a call to the remote IAccessControlService#getPermissions() will be made on the Scout server.
So that if one gets its permissions from a custom store as I do, he has to give the Scout server side's AbstractAccessControlService#m_accessControlStore a chance to to reset the currentUser's permissions, by calling AbstractAccessControlService#clearCacheOfUserIds(String... userIds) otherwise he will wait for 3600 seconds that is the store's TTL
Thanks
Once You Go Scout, You Never Come Out!
|
|
|
Powered by
FUDForum. Page generated in 0.04390 seconds