Inside an access control block, one can write:

predicate user( c : Credentials ) {
	securityContext.loggedIn && ( securityContext.principal.hasAdminRights || securityContext.principal == c )
}
predicate user( c : Credentials ) {
	false
}

The WebDSL compiler is completely fine with this, but the generated java code is rejected, since this introduces the same function twice in the same class. Worse, though, is that this simple makes no sense, so should be rejected anyway.

Note that the same can be done by using access control blocks in different app files which each hold the same definition.

Submitted by Thomas Schaap on 24 March 2010 at 12:03

On 24 March 2010 at 12:17 Danny Groenewegen commented:

The constraints for functions probably don't take predicates into account yet, they haven't seen much use outside of the paper. Wouldn't surprise me if overloading is broken as well for predicates.

Log in to post comments