[jira] [Commented] (ISIS-3303) Redefine UserMemento#isSystemUser to instead take into account SudoService#accessAll role
[ https://issues.apache.org/jira/browse/ISIS-3303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17644760#comment-17644760 ] ASF subversion and git services commented on ISIS-3303: --- Commit 3dc857a473347f88d2a7077a4ab65bc4caf33aa7 in isis's branch refs/heads/ISIS-3303 from Dan Haywood [ https://gitbox.apache.org/repos/asf?p=isis.git;h=3dc857a473 ] ISIS-3303: fixes regression test, adds a new one > Redefine UserMemento#isSystemUser to instead take into account > SudoService#accessAll role > - > > Key: ISIS-3303 > URL: https://issues.apache.org/jira/browse/ISIS-3303 > Project: Isis > Issue Type: Improvement > Components: Isis Extensions SecMan >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Assignee: Daniel Keir Haywood >Priority: Minor > Fix For: 2.0.0-RC1 > > > We currently have two very similar notions that are meant to disable > permission checking (typically for integration tests), > `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role, > as set up by the `NoPermissionsCheck` junit 5 extension. > However, the `TenantedAuthorizationFacetDefault` is only aware of the former > of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because > the UserMemento#isSystem is an equality check, the two mechanisms are > incompatible. > Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API. > Therefore, the purpose of this improvement is to combine these two notions, > and refactor names from (real) "system user" (aka root) to (effective) user > (aka sudo). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (ISIS-3303) Redefine UserMemento#isSystemUser to instead take into account SudoService#accessAll role
[ https://issues.apache.org/jira/browse/ISIS-3303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17644741#comment-17644741 ] ASF subversion and git services commented on ISIS-3303: --- Commit 9cce8147b08c20321018d13c497446ae752344ca in isis's branch refs/heads/ISIS-3303 from Dan Haywood [ https://gitbox.apache.org/repos/asf?p=isis.git;h=9cce8147b0 ] ISIS-3303: reworks UserMemento#isSystem to instead be a check for SudoService#ACCESS_ALL_ROLE > Redefine UserMemento#isSystemUser to instead take into account > SudoService#accessAll role > - > > Key: ISIS-3303 > URL: https://issues.apache.org/jira/browse/ISIS-3303 > Project: Isis > Issue Type: Improvement > Components: Isis Extensions SecMan >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Assignee: Daniel Keir Haywood >Priority: Minor > Fix For: 2.0.0-RC1 > > > We currently have two very similar notions that are meant to disable > permission checking (typically for integration tests), > `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role, > as set up by the `NoPermissionsCheck` junit 5 extension. > However, the `TenantedAuthorizationFacetDefault` is only aware of the former > of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because > the UserMemento#isSystem is an equality check, the two mechanisms are > incompatible. > Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API. > Therefore, the purpose of this improvement is to combine these two notions, > and refactor names from (real) "system user" (aka root) to (effective) user > (aka sudo). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[GitHub] [isis] danhaywood opened a new pull request, #1252: ISIS-3303: reworks UserMemento#isSystem to instead be a check ...
danhaywood opened a new pull request, #1252: URL: https://github.com/apache/isis/pull/1252 … for SudoService#ACCESS_ALL_ROLE -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@isis.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Created] (ISIS-3303) Redefine UserMemento#isSystemUser to instead take into account SudoService#accessAll role
Daniel Keir Haywood created ISIS-3303: - Summary: Redefine UserMemento#isSystemUser to instead take into account SudoService#accessAll role Key: ISIS-3303 URL: https://issues.apache.org/jira/browse/ISIS-3303 Project: Isis Issue Type: Improvement Components: Isis Extensions SecMan Affects Versions: 2.0.0-M9 Reporter: Daniel Keir Haywood Assignee: Daniel Keir Haywood Fix For: 2.0.0-RC1 We currently have two very similar notions that are meant to disable permission checking (typically for integration tests), `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role, as set up by the `NoPermissionsCheck` junit 5 extension. However, the `TenantedAuthorizationFacetDefault` is only aware of the former of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because the UserMemento#isSystem is an equality check, the two mechanisms are incompatible. Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API. Therefore, the purpose of this improvement is to combine these two notions, and refactor names from (real) "system user" (aka root) to (effective) user (aka sudo). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (ISIS-3299) [UNNECESSARY?] Infer domainEvent from `@Property`, `@Collection`, `@Action` when annotated at class level (for a mixin).
[ https://issues.apache.org/jira/browse/ISIS-3299?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17644732#comment-17644732 ] Daniel Keir Haywood commented on ISIS-3299: --- I've made edits (equiv to those needed in v1 to support this), but I remember concluding that actually v2 already supports this requirement. So putting to one side for the moment. > [UNNECESSARY?] Infer domainEvent from `@Property`, `@Collection`, `@Action` > when annotated at class level (for a mixin). > > > Key: ISIS-3299 > URL: https://issues.apache.org/jira/browse/ISIS-3299 > Project: Isis > Issue Type: Improvement > Components: Isis Core >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Assignee: Daniel Keir Haywood >Priority: Minor > Fix For: 2.0.0-RC1 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (ISIS-3299) [UNNECESSARY?] Infer domainEvent from `@Property`, `@Collection`, `@Action` when annotated at class level (for a mixin).
[ https://issues.apache.org/jira/browse/ISIS-3299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Keir Haywood updated ISIS-3299: -- Summary: [UNNECESSARY?] Infer domainEvent from `@Property`, `@Collection`, `@Action` when annotated at class level (for a mixin). (was: Infer domainEvent from `@Property`, `@Collection`, `@Action` when annotated at class level (for a mixin).) > [UNNECESSARY?] Infer domainEvent from `@Property`, `@Collection`, `@Action` > when annotated at class level (for a mixin). > > > Key: ISIS-3299 > URL: https://issues.apache.org/jira/browse/ISIS-3299 > Project: Isis > Issue Type: Improvement > Components: Isis Core >Affects Versions: 2.0.0-M9 >Reporter: Daniel Keir Haywood >Assignee: Daniel Keir Haywood >Priority: Minor > Fix For: 2.0.0-RC1 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
