I have read the discussion
here about not throwing RecordNotFoundException from the
method and it makes sense.
So firstly, what I've done is to throw a SecurityException if the record number specified is indeed locked and the cookie doesn't match that which was used to lock the record.
Secondly, if the record number specified does not exist in the 'lockedRecords' Map (meaning its not a locked record), I also throw a SecurityException with a message that tells the user that: 'You must first lock a record before you can unlock it.' Of course my lock() method throws RNFE as appropariate.
However, I'm wondering whether this second part is necessary or whether a SecurityException is the appropriate exception to throw if a user specifies a record number that is not locked (as described above)?
Suggestions? Confirmations? Criticisms?
Thanks
Olu
[Edit: changing subject line to make more sense]