THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- The contract for the interface
MethodInvocationAuthorizerwon't include athrowsclause for theNotAuthorizedExceptionclass, that exception was designed to indicate that the subject is not allowed to execute a particular operation, not to indicate that a problem has occurred and that the authorization can not be determined. Since Geode can't do anything to recover from such errors and doesn't have any insights about the actual implementation, a non checked exception should be thrown whenever there's an error while executing the authorization logic. - Authorizer Implementations won't have Based as part of the actual name since the word doesn't add anything useful to the class name.
- Class name for GeodeBasedMethodAuthorizer was changed to MethodUnrestrictedMethodAuthorizer.
- Method name isKnownDangerousMethod was changed to isPermanentlyForbiddenMethod.
- The IndexManager was modified to throw an exception and mark the index as invalid whenever the removal of an entry from an index fails. This was the behaviour used when adding mappings to an index, so the class was fixed to keep consistency between the different operations and to be able to mark existing indexes as invalid whenever a newly configured
MethodInvocationAuthorizerdoesn't allow the method invocations included within the index expression (see GEODE-7486 and GEODE-7351). - The CQ Engine was modified to always use the most up to date configured
MethodInvocationAuthorizer. Whenever theMethodInvocationAuthorizeris changed in runtime, all running CQs are updated to use it in order to avoid security issues and previously cached results are invalidated/cleared as cached keys may not be valid anymore (see GEODE-7487, GEODE-7497 and GEODE-7351).