ACL change Permission#getMask() type from "int" to "long"

[belovaf]

Expected Behavior

Permission#getMask() returns long.

Current Behavior

Permission#getMask() returns int.

Context In our project we have very complex security restrictions. We have a lot of tiny permissions (1 bit for each) which we compose to a single mask permission. We reached a limit of int size (32 bits). I think java.util.BitSet mask will be perfect in our case, but it will be breaking change. But if we change a mask type to a long it will be a completely backward compatible change. And I think that 64 bits will be enough for us.

Will you accept PR from me with this change?

[jzheaux]

Thanks for the suggestion, @belovaf. Unfortunately, it would not be backward compatible. An application that is doing:

int mask = permission.getMask();

would no longer compile since the type is being narrowed from long to int.

Given that, we wouldn't be able to accept this change.

[belovaf]

Thank you for such a fast response!

And can we do something like this (choose either getBitSetMask or getLongMask):

interface Permission extends Serializable {
    int getMask();

    default BitSet getBitSetMask() {
        return BitSet.valueOf(new long[]{getMask()});
    }

    default long getLongMask() {
        return getMask();
    }
}

And then we can change BasicLookupStrategy implementation to use new default method. In this case we don't brake clients code and enable mask bigger than 32 bits.

getBitSetMask looks much more flexible, but we should accept dynamic length mask patterns. getLongMask is much easier to implement.

Can you give your feedback about this implementation?

[rwinch]

Given this breaks passivity, we should consider it for 6.0.x or close as invalid.

[dimasmessias]

@rwinch Is there any plan to increase the mask size? We reached the limit and we can't add any more permissions due to that.