[WW-4109] ParameterNameAware Javadoc incorrect - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.3.14.3, 2.3.15
Fix Version/s: 2.3.16
Component/s: None
Labels:
None

Description

I think the Javadoc of ParameterNameAware is wrong:

* This interface is implemented by actions that want to declare acceptable parameters. Works in conjunction with {@link 
* ParametersInterceptor}. For example, actions may want to create a whitelist of parameters they will accept or a 
* blacklist of paramters they will reject to prevent clients from setting other unexpected (and possibly dangerous) 
* parameters.

It's not possible to blacklist parameters because of the "or" in:

boolean acceptableName = acceptableName(name)
                    || (parameterNameAware != null && parameterNameAware.acceptableParameterName(name));

Since there was some discussion about this some time ago, i would prefer to make ParameterNameAware deprecate and add a new interface with 3 return values:
-> accept parameter
-> reject parameter
-> no decission, use acceptableName

Another possibility would be to add the result of acceptableName to acceptableParameterName.

e.g. parameterNameAware.acceptableParameterName(name, acceptableName(name)));

The ParameterNameAware-Action can decide, if the result of acceptableName should be overwritten or not.

Thanks
Andi

Attachments

Issue Links

is broken by

WW-3866 Map with String key that contains a non-word character prevents value from being saved

Closed

relates to

WW-4154 Global settings can be omitted in ParametersInterceptor when action implements ParameterNameAware interface

Closed

Activity

People

Assignee:: Lukasz Lenart

Reporter:: Andreas Sachs

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 15/Jun/13 19:05

Updated:: 08/Dec/13 17:21

Resolved:: 21/Oct/13 12:20