Why not use names instead of numbers?

[jjustice]

As I've been reading through the Acegi documentation and looking at the code, it all looks very nice, but one point made me think 'Ugh, how annoying, why didn't they just...'

It seems a pain to make developers write code like this:

<authz:acl domainObject="${contact}" hasPermission="16,1">
<td><A HREF="<c:url value="del.htm"><caram name="contactId" value="${contact.id}"/></c:url>">Del</A></td>
</authz:acl>


Wouldn't it be much nicer, and not that much work for the framework, to allow:

<authz:acl domainObject="${contact}" hasPermission="DELETE,READ">
<td><A HREF="<c:url value="del.htm"><caram name="contactId" value="${contact.id}"/></c:url>">Del</A></td>
</authz:acl>


I've always hated the int constants for enumerations. Why not use something like the commons ValuedEnum to track these and then allow use of the Name instead of forcing the developers to keep track of meaningless numbers?

If we decide to use Acegi, I will probably try to extend the framework in this way. But if there's a good reason why this wasn't done already, I'd like to find out before I try!

Thanks!

[Ben Alex]

It was done this way as internally the ACL services use integer masking and have no specific binding to enumeration names. I agree the taglib you've posted could be improved, and we welcome patches in JIRA. One approach might be to provide a taglib that obtains a Properties instance from the application context, and then relies on the Properties instance to map between a permission name and its integer equivalent. Alternatively, reflection could be used to look at public static final integers against the returned AclEntry and compare these with the hasPermission String.