[
https://issues.apache.org/jira/browse/CAUSEWAY-3303?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Keir Haywood closed CAUSEWAY-3303.
-----------------------------------------
Resolution: Fixed
> Redefine UserMemento#isSystemUser to instead take into account
> SudoService#accessAll role
> -----------------------------------------------------------------------------------------
>
> Key: CAUSEWAY-3303
> URL: https://issues.apache.org/jira/browse/CAUSEWAY-3303
> Project: Causeway
> Issue Type: Improvement
> Components: Extensions SecMan
> Affects Versions: 2.0.0-M9
> Reporter: Daniel Keir Haywood
> Assignee: Daniel Keir Haywood
> Priority: Minor
> Fix For: 2.0.0-RC1
>
>
> We currently have two very similar notions that are meant to disable
> permission checking (typically for integration tests),
> `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role,
> as set up by the `NoPermissionsCheck` junit 5 extension.
> However, the `TenantedAuthorizationFacetDefault` is only aware of the former
> of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because
> the UserMemento#isSystem is an equality check, the two mechanisms are
> incompatible.
> Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API.
> Therefore, the purpose of this improvement is to combine these two notions,
> and refactor names from (real) "system user" (aka root) to (effective) user
> (aka sudo).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
