[
https://issues.apache.org/jira/browse/ISIS-2614?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Keir Haywood updated ISIS-2614:
--------------------------------------
Description:
TODO:
use abstract superclasses, single layout
don't allow user to see their permissions.
bug: filterPermissions prompts down to member, but only shows at the type level.
bug: veto viewing only disables (eg ApplicationUser#addRole or #lock actions
for a regular user).
fix this bug:
* accidentally created two roles with the same identifier. This resulted in
no fixtures being seeded. My guess is there was an unlogged SQL exception.
{code:java}
public class RoleAndPerms__UserRw extends
AbstractRoleAndPermissionsFixtureScript {
public RoleAndPerms__UserRw() {
super("user-rw",
"Read-write access to entire application");
}
// ...
} {code}
and (by mistake)...
{code:java}
public class RoleAndPerms__UserRo extends
AbstractRoleAndPermissionsFixtureScript {
public RoleAndPerms__UserRo() {
super("user-rw", <<<<< my mistake was
here
"Read-only access to entire application");
}
// ...
}{code}
~~~~~~~~~~~~~~~
DONE - update the @Configuration's, make sure they declare the correct services
DONE (enough) - update the docs (pre- and post- hooks etc).
specifically:
* DONE - clean-up @Configuration imports and service definitions (so there is
less config needed for framework user)
* DONE - clean-up layouts.
** [https://github.com/apache/isis/pull/490] (Martin Hesse's change to dialog
modal) ... already merged to master
** implement as ".fallback" layouts.
* DONE - write missing documentation on how to configure
was:
TODO:
use abstract superclasses, single layout
don't allow user to see their permissions.
filterPermissions prompts down to member, but only shows at the type level.
fix this bug:
* accidentally created two roles with the same identifier. This resulted in
no fixtures being seeded. My guess is there was an unlogged SQL exception.
{code:java}
public class RoleAndPerms__UserRw extends
AbstractRoleAndPermissionsFixtureScript {
public RoleAndPerms__UserRw() {
super("user-rw",
"Read-write access to entire application");
}
// ...
} {code}
and (by mistake)...
{code:java}
public class RoleAndPerms__UserRo extends
AbstractRoleAndPermissionsFixtureScript {
public RoleAndPerms__UserRo() {
super("user-rw", <<<<< my mistake was
here
"Read-only access to entire application");
}
// ...
}{code}
~~~~~~~~~~~~~~~
DONE - update the @Configuration's, make sure they declare the correct services
DONE (enough) - update the docs (pre- and post- hooks etc).
specifically:
* DONE - clean-up @Configuration imports and service definitions (so there is
less config needed for framework user)
* DONE - clean-up layouts.
** [https://github.com/apache/isis/pull/490] (Martin Hesse's change to dialog
modal) ... already merged to master
** implement as ".fallback" layouts.
* DONE - write missing documentation on how to configure
> productionise secman a bit more (finish off ImpersonsateUserAdvisor)
> --------------------------------------------------------------------
>
> Key: ISIS-2614
> URL: https://issues.apache.org/jira/browse/ISIS-2614
> Project: Isis
> Issue Type: Improvement
> Components: Isis Extensions SecMan
> Affects Versions: 2.0.0-M5
> Reporter: Daniel Keir Haywood
> Assignee: Daniel Keir Haywood
> Priority: Minor
> Fix For: 2.0.0-M6
>
>
> TODO:
> use abstract superclasses, single layout
> don't allow user to see their permissions.
> bug: filterPermissions prompts down to member, but only shows at the type
> level.
> bug: veto viewing only disables (eg ApplicationUser#addRole or #lock actions
> for a regular user).
> fix this bug:
> * accidentally created two roles with the same identifier. This resulted in
> no fixtures being seeded. My guess is there was an unlogged SQL exception.
>
> {code:java}
> public class RoleAndPerms__UserRw extends
> AbstractRoleAndPermissionsFixtureScript {
> public RoleAndPerms__UserRw() {
> super("user-rw",
> "Read-write access to entire application");
> }
> // ...
> } {code}
> and (by mistake)...
> {code:java}
> public class RoleAndPerms__UserRo extends
> AbstractRoleAndPermissionsFixtureScript {
> public RoleAndPerms__UserRo() {
> super("user-rw", <<<<< my mistake was
> here
> "Read-only access to entire application");
> }
> // ...
> }{code}
>
>
> ~~~~~~~~~~~~~~~
> DONE - update the @Configuration's, make sure they declare the correct
> services
> DONE (enough) - update the docs (pre- and post- hooks etc).
>
> specifically:
> * DONE - clean-up @Configuration imports and service definitions (so there
> is less config needed for framework user)
> * DONE - clean-up layouts.
> ** [https://github.com/apache/isis/pull/490] (Martin Hesse's change to
> dialog modal) ... already merged to master
> ** implement as ".fallback" layouts.
> * DONE - write missing documentation on how to configure
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
