When wrapping AuditRoleManager it's not possible to use custom options

[tobier]

Since AuditRoleManager assumes, and enforces, a certain type and number of options relating to whitelisting, it's not possible to pass on RoleOptions instances with custom options. The culprit seems to be AuditWhitelistManager.

void createRoleOption(RoleOptions options)
{
    if (options.getCustomOptions().isPresent())
    {
        throw new InvalidRequestException("Whitelist options are not supported in CREATE ROLE statements");
    }

Similar checks are done for alterRole.

[eperott]

Right, ecAudit do put some restrictions on how the custom options are used. The one you mentioned, and some others in alterRoleOption().

The upside of doing this is that it is possible to feedback to the user if there is a typo in the option key. If we're ignoring unknown keys that means we're silently ignoring typos. But this may be something we have to sacrifice.

So, what level of ambition are we looking for here? Should the AuditRoleManger be able to wrap a custom IRoleManager? Or should we assume that "the other" IRoleManager will be "wrapping" the AuditRoleManager, in which case we only need to ignore unrecognized options?

[eperott]

Current behavior is deliberate, so I'm not considering this a bug, but rather a feature request.