Re: [xwiki-devs] [proposal] Add xcontext.dropPermissions() function to take away all programming/script author permissions when called.

I think this function would be useful, I have used code like it to make sure scripts didn't run with PR when they shouldn't and I think it deserves a place in the api. The function doesn't need any special privileges to run, but after it's run, api.Api#hasProgrammingRights will always return false and api.Document#saveAsAuthor will be attempting to save as the guest instead of the real document author. (likewise with getDocumentAsAuthor and deleteAsAuthor) Once permissions have been dropped, they cannot be regained (for the duration of the request.) This depends on another function in api.Api which is package private. String getEffectiveScriptAuthorName() returns the name given by XWikiContext.getDoc().getAuthor() unless dropPermissions() has allready been called or XWikiContext.getDoc() == null in which case it returns the guest username. Why in the old api.Context? I envision in the future a SecurityManager component will exist which distrusts not only script but core java as well. I think the option to drop privileges when unneeded should also be present in the final security manager implementation. Since security managers require a large secure code base to be useful, I am proposing api.Context#dropPermissions() as an interim solution. WDYT? Caleb _______________________________________________ devs mailing list devs(a)xwiki.org http://lists.xwiki.org/mailman/listinfo/devs