[
https://issues.apache.org/jira/browse/ISIS-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Keir Haywood updated ISIS-2700:
--------------------------------------
Description:
To summarise what's to be done here:
* we already have a HiddenObjectFacet (currently derived from a "hidden()"
method on the object itself) that can be installed on the ObjectSpecification.
Make it a viewer responsibility that if this exists, hide any collections for
that ObjectSpecification.
* create a further implementation for this facet that is derived from the set
of permissions : if all props are invisible, infer that the object as a whole
is.
* as belt-n-braces, implement a general tenancy evaluator that hides an object
if its ObjectSpecification has this facet.
* similar to the work done in ISIS-2701, we'll should also introduce an
`ApplicationUser_effectiveTypePermissions` mixin to surface this computed set.
Only secman admins should be able to see this collection.
some of the discussion leading to this outcome below (and for the original
discussion, see
[https://the-asf.slack.com/archives/CFC42LWBV/p1621939985113300] )
~~~~~~~~~~~~~~~
A permission that vetoes the viewing of a type (such as in the example below)
is not fully honored. In this concrete case a user that is being assigned a
role with this permission (and no other roles with any permission that would
contradict this permission) could still navigate to an entity page of a
ApplicationUser and would see the title and the the icon and perhaps an empty
metadata tab.
The desired behavior would be the display of an error message saying "Not
authorized or no such object".
!image-2021-05-26-15-18-02-115.png!
This is a screenshot of how the vetoed entity page presents to the user:
!image-2021-05-26-15-20-31-139.png!
was:
To summarise what's to be done here:
* implement a general tenancy evaluator (to filter out "rows" based on the
fact that no "columns" are visible) should be provided out-of-the-box by the
framework.
* In order to support this, we will need to cache or compute efficiently for a
user whether they have access to any columns ... these are in effect the
"effective type permissions".
* so, similar to the work done in ISIS-2701, we'll should also introduce an
`ApplicationUser_effectiveTypePermissions` mixin to surface this computed set.
Only secman admins should be able to see this collection.
discussion leading to this outcome below...
~~~~~~~~~~~~~~~
A permission that vetoes the viewing of a type (such as in the example below)
is not fully honored. In this concrete case a user that is being assigned a
role with this permission (and no other roles with any permission that would
contradict this permission) could still navigate to an entity page of a
ApplicationUser and would see the title and the the icon and perhaps an empty
metadata tab.
The desired behavior would be the display of an error message saying "Not
authorized or no such object".
!image-2021-05-26-15-18-02-115.png!
This is a screenshot of how the vetoed entity page presents to the user:
!image-2021-05-26-15-20-31-139.png!
> If no members visible for type, then veto viewing of _instances_ of that type.
> ------------------------------------------------------------------------------
>
> Key: ISIS-2700
> URL: https://issues.apache.org/jira/browse/ISIS-2700
> Project: Isis
> Issue Type: Improvement
> Components: Isis Extensions SecMan, Isis Viewer Wicket
> Affects Versions: 2.0.0-M5
> Reporter: Martin Hesse
> Priority: Major
> Fix For: 2.0.0-M6
>
> Attachments: image-2021-05-26-15-18-02-115.png,
> image-2021-05-26-15-20-31-139.png
>
>
> To summarise what's to be done here:
> * we already have a HiddenObjectFacet (currently derived from a "hidden()"
> method on the object itself) that can be installed on the
> ObjectSpecification. Make it a viewer responsibility that if this exists,
> hide any collections for that ObjectSpecification.
> * create a further implementation for this facet that is derived from the
> set of permissions : if all props are invisible, infer that the object as a
> whole is.
> * as belt-n-braces, implement a general tenancy evaluator that hides an
> object if its ObjectSpecification has this facet.
> * similar to the work done in ISIS-2701, we'll should also introduce an
> `ApplicationUser_effectiveTypePermissions` mixin to surface this computed
> set. Only secman admins should be able to see this collection.
>
> some of the discussion leading to this outcome below (and for the original
> discussion, see
> [https://the-asf.slack.com/archives/CFC42LWBV/p1621939985113300] )
> ~~~~~~~~~~~~~~~
> A permission that vetoes the viewing of a type (such as in the example below)
> is not fully honored. In this concrete case a user that is being assigned a
> role with this permission (and no other roles with any permission that would
> contradict this permission) could still navigate to an entity page of a
> ApplicationUser and would see the title and the the icon and perhaps an empty
> metadata tab.
> The desired behavior would be the display of an error message saying "Not
> authorized or no such object".
>
> !image-2021-05-26-15-18-02-115.png!
>
> This is a screenshot of how the vetoed entity page presents to the user:
> !image-2021-05-26-15-20-31-139.png!
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
