Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CDI security: Unannotated inherited methods may be restricted when they should not #4992

Closed
michalszynkiewicz opened this issue Oct 29, 2019 · 1 comment · Fixed by #5074
Closed

CDI security: Unannotated inherited methods may be restricted when they should not #4992

michalszynkiewicz opened this issue Oct 29, 2019 · 1 comment · Fixed by #5074
Assignees
@michalszynkiewicz
Labels
kind/bug Something isn't working
Milestone
1.0.0.CR2

Comments

@michalszynkiewicz
Copy link
Member

Describe the bug
For the case in the $subject, determineSecurityAnnotationFromBindings#determineSecurityAnnotationFromBindings returns annotations from the subclass even if the method is not overriden

Expected behavior
If we want to be consistent with JSR 250 section 2.1 point 4, constraint from the subclass should not be applied here.

To Reproduce
Steps to reproduce the behavior:
Run CDIAccessDefaultTest.shouldAccessInheritedAllowedMethod separately
@michalszynkiewicz michalszynkiewicz added the kind/bug Something isn't working label Oct 29, 2019
@michalszynkiewicz
Copy link
Member Author

thanks @aureamunoz for finding it!

It would be best to move figuring out the check to build time when solving this issue.

@michalszynkiewicz michalszynkiewicz self-assigned this Oct 30, 2019
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Oct 31, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
2e430d7
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Oct 31, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
5440043
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Oct 31, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
1e95b73
gsmet pushed a commit to michalszynkiewicz/quarkus that referenced this issue Oct 31, 2019
@michalszynkiewicz @gsmet
CDI security determined at build time, fixes quarkusio#4992
7af9ede
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 1, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
a9d5069
aureamunoz pushed a commit to aureamunoz/quarkus that referenced this issue Nov 5, 2019
@michalszynkiewicz @aureamunoz
CDI security determined at build time, fixes quarkusio#4992
ae9e46d
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 6, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
c73b678
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 6, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
40baf58
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 6, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
c4cd46e
@michalszynkiewicz michalszynkiewicz mentioned this issue Nov 11, 2019
Merged
geoand pushed a commit to geoand/quarkus that referenced this issue Nov 11, 2019
@michalszynkiewicz @geoand
CDI security determined at build time, fixes quarkusio#4992
328c1fa
geoand pushed a commit to geoand/quarkus that referenced this issue Nov 12, 2019
@michalszynkiewicz @geoand
CDI security determined at build time, fixes quarkusio#4992
9913589
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 12, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
1654c8c
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 13, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
ef19580
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 13, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
7f502cd
michalszynkiewicz added a commit to michalszynkiewicz/quarkus that referenced this issue Nov 13, 2019
@michalszynkiewicz
CDI security determined at build time, fixes quarkusio#4992
a4b4c68
@gsmet gsmet added this to the 1.0.0.Final milestone Nov 14, 2019
gsmet pushed a commit that referenced this issue Nov 14, 2019
@michalszynkiewicz @gsmet
CDI security determined at build time, fixes #4992
c1f5552
jmartisk pushed a commit to jmartisk/quarkus that referenced this issue Nov 15, 2019
@michalszynkiewicz @jmartisk
CDI security determined at build time, fixes quarkusio#4992
7c0840b
gsmet pushed a commit that referenced this issue Nov 15, 2019
@michalszynkiewicz @gsmet
CDI security determined at build time, fixes #4992
bba983c
ia3andy pushed a commit to dmlloyd/quarkus that referenced this issue Nov 19, 2019
@michalszynkiewicz @ia3andy
CDI security determined at build time, fixes quarkusio#4992
7593870
mmusgrov pushed a commit to mmusgrov/quarkus that referenced this issue Dec 13, 2019
@michalszynkiewicz @mmusgrov
CDI security determined at build time, fixes quarkusio#4992
0933b71
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michalszynkiewicz michalszynkiewicz

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
1.0.0.CR2
Development

Successfully merging a pull request may close this issue.

CDI security determined at build time michalszynkiewicz/quarkus
2 participants
@gsmet @michalszynkiewicz