Current impl of assignRoles() is a no-op if user.hasRole(roleName), but that hasRole() method will return true for roles held by the user due to role inheritance, ie the user does not necessarily have a direct membership in the role.
It would be useful to support role-management tasks where we want to ensure a user is explicitly added as a direct member to a role. I would like hasRole and assignRoles to take something like a boolean asDirectMember flag. Default could remain false (certainly for hasRole, could discuss assignRole).
Current impl of
assignRoles()is a no-op ifuser.hasRole(roleName), but thathasRole()method will return true for roles held by the user due to role inheritance, ie the user does not necessarily have a direct membership in the role.It would be useful to support role-management tasks where we want to ensure a user is explicitly added as a direct member to a role. I would like
hasRoleandassignRolesto take something like aboolean asDirectMemberflag. Default could remain false (certainly forhasRole, could discussassignRole).