A couple of things:
1. CrowdPermissionPolicy is an object that lives inside a BodyObject, thus it cannot use server services like dependency injection, nor BodyLocator. However, that's not a problem because it will never be used by a ClientObject that is not a BodyObject. If there were a way to enforce with parameterized types that it only ever be used in conjunction with a BodyObject, I'd do that, but parallel inheritance hierarchies are not something that any OO type system I'm aware of can reason about. 2. ClientResolver and its children are not singletons. One is created for each client resolution process. I have certainly fallen prey to the same errors during enthusiastic reactions: it looks like a rose, it has thorns like a rose, oh wait, it's a blackberry. git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6319 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -21,30 +21,23 @@
|
||||
|
||||
package com.threerings.crowd.data;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Singleton;
|
||||
|
||||
import com.threerings.presents.data.ClientObject;
|
||||
import com.threerings.presents.data.Permission;
|
||||
import com.threerings.presents.data.PermissionPolicy;
|
||||
|
||||
import com.threerings.crowd.chat.data.ChatCodes;
|
||||
import com.threerings.crowd.server.BodyLocator;
|
||||
|
||||
/**
|
||||
* Implements some Crowd permissions.
|
||||
* Implements some Crowd permissions. Note: this is stored <em>inside</em> a {@link BodyObject} and
|
||||
* will only ever be called by a BodyObject. It is sent over the wire and must be usable on the
|
||||
* client and server.
|
||||
*/
|
||||
@Singleton
|
||||
public class CrowdPermissionPolicy extends PermissionPolicy
|
||||
{
|
||||
@Override // from PermissionPolicy
|
||||
public String checkAccess (ClientObject clobj, Permission perm, Object context)
|
||||
{
|
||||
BodyObject body = _locator.forClient(clobj);
|
||||
if (body == null) {
|
||||
return super.checkAccess(clobj, perm, context);
|
||||
}
|
||||
|
||||
BodyObject body = (BodyObject)clobj;
|
||||
if (perm == ChatCodes.BROADCAST_ACCESS) {
|
||||
return body.getTokens().isAdmin() ? null : ACCESS_DENIED;
|
||||
} else if (perm == ChatCodes.CHAT_ACCESS) {
|
||||
@@ -53,6 +46,4 @@ public class CrowdPermissionPolicy extends PermissionPolicy
|
||||
return super.checkAccess(clobj, perm, context);
|
||||
}
|
||||
}
|
||||
|
||||
@Inject protected transient BodyLocator _locator;
|
||||
}
|
||||
|
||||
@@ -21,10 +21,6 @@
|
||||
|
||||
package com.threerings.crowd.server;
|
||||
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Injector;
|
||||
import com.google.inject.Singleton;
|
||||
|
||||
import com.threerings.presents.data.ClientObject;
|
||||
import com.threerings.presents.data.PermissionPolicy;
|
||||
import com.threerings.presents.server.ClientLocal;
|
||||
@@ -36,7 +32,6 @@ import com.threerings.crowd.data.CrowdPermissionPolicy;
|
||||
/**
|
||||
* Used to configure crowd-specific client object data.
|
||||
*/
|
||||
@Singleton
|
||||
public class CrowdClientResolver extends ClientResolver
|
||||
{
|
||||
@Override // from ClientResolver
|
||||
@@ -54,8 +49,6 @@ public class CrowdClientResolver extends ClientResolver
|
||||
@Override // from ClientResolver
|
||||
public PermissionPolicy createPermissionPolicy ()
|
||||
{
|
||||
return _injector.getInstance(CrowdPermissionPolicy.class);
|
||||
return new CrowdPermissionPolicy();
|
||||
}
|
||||
|
||||
@Inject protected Injector _injector;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user