[
https://issues.apache.org/jira/browse/ISIS-1044?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14728953#comment-14728953
]
ASF subversion and git services commented on ISIS-1044:
-------------------------------------------------------
Commit eab298d3425dbf1a4fbacce2124f4943e06f8bb8 in isis's branch
refs/heads/master from [~danhaywood]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=eab298d ]
ISIS-1044: removed the InteractionUtils' withFiltering() and its threadlocal;
removed the disabling of the filtering (in ObjectAdapter.Util#isVisible());
also DeploymentCategoryProvider stuff.
namely:
- added new DeploymentCategoryProviderAware infrastructure, retrofitted
RuntimeContext to provide a DeploymentCategoryProvider (cf
AuthenticationSessionProvider)
- made DeploymentCategoryProvider extend Injectable, so that RuntimeContext's
subcomponents (which include DeploymentCategory) can inject themselves, eg into
facet factories)
- made FacetFactoryAbstract implement AuthenticationSessionProviderAware and
DeploymentCategoryProviderAware, so that all facets will be able to obtain the
authSession and deployment category for themselves (this still to do)
- made FormAbstract, FormComponentPanelAbstract and PanelAbstract all implement
DeploymentCategoryProvider (because they also all implement
AuthenticationSessionProvider)
- made IsisWicketApplication implement DeploymentCategoryProvider (because it
also implements AuthenticationSessionProvider)
also:
- changed order of params in ObjectAction#executeWithRuleChecking(...)
> Table counts and gmap3/fullcalendar2 do not honour any vetoing, eg by
> subscribers or WithApplicationTenancy
> -----------------------------------------------------------------------------------------------------------
>
> Key: ISIS-1044
> URL: https://issues.apache.org/jira/browse/ISIS-1044
> Project: Isis
> Issue Type: Improvement
> Components: Core
> Affects Versions: viewer-wicket-1.7.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Priority: Minor
> Fix For: 1.11.0
>
>
> Suppose that the Isis addon security module is being used with application
> tenancy checking; this means that the Wicket table
> (CollectionContentsAsAjaxTable) will only show rows for those entities for
> which the user is authorized (the visibility has not been vetoed).
> However, the underlying EntityCollectionModel does contain those objects, and
> the size of that collection is what is shown in the "showing 1-5 of 15"
> totals etc rendered at the bottom of the table.
> So the question is: how to ensure that figure is correct?
> * One option is to eagerly check the visibility of every item (even those not
> on the current page).
> * Another option is to suppress the totals, somehow (would require additional
> metadata, along with a worse UI for users
> ~~~
> Related: the gmap3/fullcalendar2/excel Isis addons do not check for the
> object visibility, meaning that they expose information when they should not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
