Daniel Keir Haywood created ISIS-3220:
-----------------------------------------
Summary: in simpleapp, as sven, we "recentAuditTrail" mixin
action (and similar) even though have no perms to return type.
Key: ISIS-3220
URL: https://issues.apache.org/jira/browse/ISIS-3220
Project: Isis
Issue Type: Bug
Components: Isis Core
Affects Versions: 2.0.0-M8
Reporter: Daniel Keir Haywood
Fix For: 2.0.0-RC1
Instead, we should have a facet that surpresses the visibliity of the action if
the user has no perms to view it.
Believe we do this for properties and collections already; so it's either a
matter of extending this logic to actions, or to tracking down a bug if we
already have it implemented.
To reproduce:
- log on to simpleapp sven, who has no perms to view AuditLogEntry, but does
have access to 'recentAuditTrailEntries' mixin action.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
