You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/04/18 09:45:22 UTC
[isis] 02/02: ISIS-2484: secman docs
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch 2.0.0-M5
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 3a22bdbe24744fc6060a62dd2d53fe4f71755607
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Sat Apr 17 19:31:17 2021 +0100
ISIS-2484: secman docs
---
.../pages/index/restclient/RestfulClient.adoc | 2 +
.../api/tenancy/ApplicationTenancyEvaluator.adoc | 34 ++-
.../index/secman/api/user/ApplicationUser.adoc | 30 ++-
core/adoc/modules/_overview/pages/about.adoc | 228 +--------------------
.../secman/adoc/modules/secman/pages/about.adoc | 54 ++++-
5 files changed, 113 insertions(+), 235 deletions(-)
diff --git a/antora/components/refguide-index/modules/extensions/pages/index/restclient/RestfulClient.adoc b/antora/components/refguide-index/modules/extensions/pages/index/restclient/RestfulClient.adoc
index b4d0c77..e6cd054 100644
--- a/antora/components/refguide-index/modules/extensions/pages/index/restclient/RestfulClient.adoc
+++ b/antora/components/refguide-index/modules/extensions/pages/index/restclient/RestfulClient.adoc
@@ -3,6 +3,8 @@
Setup the Restful Client with Basic-Auth:Synchronous example:Asynchronous example:Maven Setup:
+For example:
+
----
RestfulClientConfig clientConfig = new RestfulClientConfig();
diff --git a/antora/components/refguide-index/modules/extensions/pages/index/secman/api/tenancy/ApplicationTenancyEvaluator.adoc b/antora/components/refguide-index/modules/extensions/pages/index/secman/api/tenancy/ApplicationTenancyEvaluator.adoc
index e911c41..bff6d62 100644
--- a/antora/components/refguide-index/modules/extensions/pages/index/secman/api/tenancy/ApplicationTenancyEvaluator.adoc
+++ b/antora/components/refguide-index/modules/extensions/pages/index/secman/api/tenancy/ApplicationTenancyEvaluator.adoc
@@ -10,8 +10,8 @@ Optional SPI interface to be implemented by a domain service, providing an alter
----
interface ApplicationTenancyEvaluator {
boolean handles(Class<?> cls) // <.>
- String hides(Object domainObject, ApplicationUser applicationUser)
- String disables(Object domainObject, ApplicationUser applicationUser)
+ String hides(Object domainObject, ApplicationUser applicationUser) // <.>
+ String disables(Object domainObject, ApplicationUser applicationUser) // <.>
}
----
@@ -20,6 +20,16 @@ interface ApplicationTenancyEvaluator {
--
Whether this evaluator can determine the tenancy of the specified domain entity (such as `ToDoItem` ) being interacted with (the "what").
--
+<.> xref:#hides__Object_ApplicationUser[hides(Object, ApplicationUser)]
++
+--
+Whether this domain object should not be visible to the specified xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] .
+--
+<.> xref:#disables__Object_ApplicationUser[disables(Object, ApplicationUser)]
++
+--
+Whether the object members of this domain object should be disabled/read-only for the specified xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] .
+--
== Members
@@ -29,3 +39,23 @@ Whether this evaluator can determine the tenancy of the specified domain entity
Whether this evaluator can determine the tenancy of the specified domain entity (such as `ToDoItem` ) being interacted with (the "what").
This method is also called to determine if the evaluator is also able to determine the tenancy of the security module's own xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] , ie the "who" is doing the interacting. If the evaluator does not handle the class, then the fallback behaviour is to invoke _ApplicationUser#getAtPath()_ } on the xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] and use the path from that.
+
+[#hides__Object_ApplicationUser]
+=== hides(Object, ApplicationUser)
+
+Whether this domain object should not be visible to the specified xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] .
+
+The domain object will be one that is handled by this evaluator, in other words that _#handles(Class)_ was previously called and the evaluator returned `true` .
+
+A non-null return value means that the object should be hidden.
+
+[#disables__Object_ApplicationUser]
+=== disables(Object, ApplicationUser)
+
+Whether the object members of this domain object should be disabled/read-only for the specified xref:refguide:extensions:index/secman/api/user/ApplicationUser.adoc[ApplicationUser] .
+
+The domain object will be one that is handled by this evaluator, in other words that _#handles(Class)_ was previously called and the evaluator returned `true` .
+
+This method is only called after _#hides(Object, ApplicationUser)_ and only if that method returned `false` .
+
+A non-null return value means that the object should be disabled, and is used as the reason why the object member is disabled.
diff --git a/antora/components/refguide-index/modules/extensions/pages/index/secman/api/user/ApplicationUser.adoc b/antora/components/refguide-index/modules/extensions/pages/index/secman/api/user/ApplicationUser.adoc
index 306532a..e01a52d 100644
--- a/antora/components/refguide-index/modules/extensions/pages/index/secman/api/user/ApplicationUser.adoc
+++ b/antora/components/refguide-index/modules/extensions/pages/index/secman/api/user/ApplicationUser.adoc
@@ -16,8 +16,8 @@ interface ApplicationUser {
String title() // <.>
String iconName()
String getName()
- String getEncryptedPassword()
- AccountType getAccountType()
+ String getEncryptedPassword() // <.>
+ AccountType getAccountType() // <.>
void setAccountType(AccountType accountType)
ApplicationPermissionValueSet getPermissionSet()
Set<? extends ApplicationRole> getRoles()
@@ -49,6 +49,16 @@ interface ApplicationUser {
--
having a title() method (rather than using @Title annotation) is necessary as a workaround to be able to use wrapperFactory#unwrap(...) method, which is otherwise broken in Isis 1.6.0
--
+<.> xref:#getEncryptedPassword__[getEncryptedPassword()]
++
+--
+Only used for _#getAccountType() local_ users, stores the password in encrypted form.
+--
+<.> xref:#getAccountType__[getAccountType()]
++
+--
+Determines how to authenticate this user.
+--
== Members
@@ -56,3 +66,19 @@ having a title() method (rather than using @Title annotation) is necessary as a
=== title()
having a title() method (rather than using @Title annotation) is necessary as a workaround to be able to use wrapperFactory#unwrap(...) method, which is otherwise broken in Isis 1.6.0
+
+[#getEncryptedPassword__]
+=== getEncryptedPassword()
+
+Only used for _#getAccountType() local_ users, stores the password in encrypted form.
+
+The password will have been encrypted by the configured _org.apache.isis.extensions.secman.api.encryption.PasswordEncryptionService_ .
+
+[#getAccountType__]
+=== getAccountType()
+
+Determines how to authenticate this user.
+
+_AccountType#LOCAL local_ users are authenticated directly against the _#getEncryptedPassword() password_ .
+
+_AccountType#DELEGATED delegated_ users are authenticated by some other authentication mechanism. For example, Secman's Shiro realm allows a delegate realm to be configured, and will call that delegate realm for delegated users rather than authenticating locally.
diff --git a/core/adoc/modules/_overview/pages/about.adoc b/core/adoc/modules/_overview/pages/about.adoc
index 65ac959..0180a3b 100644
--- a/core/adoc/modules/_overview/pages/about.adoc
+++ b/core/adoc/modules/_overview/pages/about.adoc
@@ -804,171 +804,7 @@ Artifact: demo-domain
Type: jar
Directory: /examples/demo/domain
----
-|.Components
-****
-demoapp.dom.AppConfiguration +
-demoapp.dom._infra.DefaultTitleProvider +
-demoapp.dom._infra.LibraryPreloadingService +
-demoapp.dom._infra.fixtures.DemoFixtureScriptSpecificationProvider +
-demoapp.dom._infra.resources.AsciiDocConverterService +
-demoapp.dom._infra.resources.AsciiDocReaderService +
-demoapp.dom._infra.resources.MarkdownReaderService +
-demoapp.dom._infra.resources.MarkupReaderService +
-demoapp.dom._infra.resources.MarkupVariableResolverService +
-demoapp.dom._infra.resources.ResourceReaderService +
-demoapp.dom._infra.samples.NameSamples +
-demoapp.dom._infra.urlencoding.UrlEncodingServiceNaiveInMemory +
-demoapp.dom.domain._changes.EntityChangesSubscriberToCaptureChangesInMemory +
-demoapp.dom.domain._commands.ExposePersistedCommands$TableColumnOrderDefault +
-demoapp.dom.domain._interactions.ExecutionListenerToCaptureInteractionsInMemory +
-demoapp.dom.domain.actions.Action.commandPublishing.ActionCommandPublishingJdoEntities +
-demoapp.dom.domain.actions.Action.commandPublishing.ActionCommandPublishingJdoSeedService +
-demoapp.dom.domain.actions.Action.executionPublishing.ActionExecutionPublishingJdoEntities +
-demoapp.dom.domain.actions.Action.executionPublishing.ActionExecutionPublishingJdoSeedService +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.annotated.disabled.DomainObjectEntityChangePublishingDisabledJdoEntities +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.annotated.disabled.DomainObjectEntityChangePublishingDisabledJdoSeedService +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.annotated.enabled.DomainObjectAuditingEnabledJdoEntities +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.annotated.enabled.DomainObjectAuditingEnabledJdoSeedService +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.metaAnnot.enabled.DomainObjectEntityChangePublishingEnabledMetaAnnotatedJdoEntities +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.metaAnnot.enabled.DomainObjectEntityChangePublishingEnabledMetaAnnotatedJdoSeedService +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.metaAnnotOverridden.enabled.DomainObjectEntityChangePublishingEnabledMetaAnnotOverriddenJdoEntities +
-demoapp.dom.domain.objects.DomainObject.entityChangePublishing.metaAnnotOverridden.enabled.DomainObjectEntityChangePublishingEnabledMetaAnnotOverriddenJdoSeedService +
-demoapp.dom.domain.objects.DomainObject.nature.viewmodels.jaxbrefentity.ChildJdoEntities +
-demoapp.dom.domain.objects.DomainObject.nature.viewmodels.jaxbrefentity.seed.ChildJdoSeedService +
-demoapp.dom.domain.objects.other.embedded.NumberConstantJdoRepository +
-demoapp.dom.domain.properties.Property.commandPublishing.PropertyCommandPublishingJdoEntities +
-demoapp.dom.domain.properties.Property.commandPublishing.PropertyCommandPublishingJdoSeedService +
-demoapp.dom.domain.properties.Property.executionPublishing.PropertyExecutionPublishingJdoEntities +
-demoapp.dom.domain.properties.Property.executionPublishing.PropertyExecutionPublishingJdoSeedService +
-demoapp.dom.domain.properties.Property.projecting.jdo.PropertyProjectingChildJdoEntities +
-demoapp.dom.domain.properties.Property.projecting.jdo.PropertyProjectingChildJdoSeedService +
-demoapp.dom.domain.properties.PropertyLayout.navigable.FileTreeNodeService +
-demoapp.dom.domain.properties.PropertyLayout.repainting.PdfJsViewerAdvisorFallback +
-demoapp.dom.featured.customui.geocoding.GeoapifyClient +
-demoapp.dom.services.core.errorreportingservice.ErrorReportingServiceDemoImplementation +
-demoapp.dom.services.core.eventbusservice.EventLogEntryJdoRepository +
-demoapp.dom.services.core.eventbusservice.EventSubscriberDemoImplementation +
-demoapp.dom.services.core.wrapperFactory.WrapperFactoryJdoEntities +
-demoapp.dom.services.core.wrapperFactory.WrapperFactoryJdoSeedService +
-demoapp.dom.services.extensions.secman.apptenancy.ApplicationTenancyEvaluatorForDemo +
-demoapp.dom.services.extensions.secman.apptenancy.entities.TenantedJdoEntities +
-demoapp.dom.services.extensions.secman.apptenancy.entities.seed.TenantedJdoSeedService +
-demoapp.dom.types.isis.blobs.jdo.IsisBlobJdoEntities +
-demoapp.dom.types.isis.blobs.jdo.IsisBlobJdoSeedService +
-demoapp.dom.types.isis.blobs.samples.IsisBlobsSamples +
-demoapp.dom.types.isis.clobs.jdo.IsisClobJdoEntities +
-demoapp.dom.types.isis.clobs.jdo.IsisClobJdoSeedService +
-demoapp.dom.types.isis.clobs.samples.IsisClobsSamples +
-demoapp.dom.types.isis.localresourcepaths.jdo.IsisLocalResourcePathJdoEntities +
-demoapp.dom.types.isis.localresourcepaths.jdo.IsisLocalResourcePathJdoSeedService +
-demoapp.dom.types.isis.localresourcepaths.samples.IsisLocalResourcePathsSamples +
-demoapp.dom.types.isis.markups.jdo.IsisMarkupJdoEntities +
-demoapp.dom.types.isis.markups.jdo.IsisMarkupJdoSeedService +
-demoapp.dom.types.isis.markups.samples.IsisMarkupSamples +
-demoapp.dom.types.isis.passwords.jdo.IsisPasswordJdoEntities +
-demoapp.dom.types.isis.passwords.jdo.IsisPasswordJdoSeedService +
-demoapp.dom.types.isis.passwords.samples.IsisPasswordsSamples +
-demoapp.dom.types.isisext.asciidocs.jdo.IsisAsciiDocJdoEntities +
-demoapp.dom.types.isisext.asciidocs.jdo.IsisAsciiDocJdoSeedService +
-demoapp.dom.types.isisext.asciidocs.samples.IsisAsciiDocSamples +
-demoapp.dom.types.isisext.markdowns.jdo.IsisMarkdownJdoEntities +
-demoapp.dom.types.isisext.markdowns.jdo.IsisMarkdownJdoSeedService +
-demoapp.dom.types.isisext.markdowns.samples.IsisMarkdownSamples +
-demoapp.dom.types.javaawt.images.jdo.JavaAwtImageJdoEntities +
-demoapp.dom.types.javaawt.images.jdo.JavaAwtImageJdoSeedService +
-demoapp.dom.types.javaawt.images.samples.JavaAwtImageService +
-demoapp.dom.types.javaawt.images.samples.JavaAwtImagesSamples +
-demoapp.dom.types.javalang.booleans.jdo.WrapperBooleanJdoEntities +
-demoapp.dom.types.javalang.booleans.jdo.WrapperBooleanJdoSeedService +
-demoapp.dom.types.javalang.booleans.samples.WrapperBooleanSamples +
-demoapp.dom.types.javalang.bytes.jdo.WrapperByteJdoEntities +
-demoapp.dom.types.javalang.bytes.jdo.WrapperByteJdoSeedService +
-demoapp.dom.types.javalang.bytes.samples.WrapperByteSamples +
-demoapp.dom.types.javalang.characters.jdo.WrapperCharacterJdoEntities +
-demoapp.dom.types.javalang.characters.jdo.WrapperCharacterJdoSeedService +
-demoapp.dom.types.javalang.characters.samples.WrapperCharacterSamples +
-demoapp.dom.types.javalang.doubles.jdo.WrapperDoubleJdoEntities +
-demoapp.dom.types.javalang.doubles.jdo.WrapperDoubleJdoSeedService +
-demoapp.dom.types.javalang.doubles.samples.WrapperDoubleSamples +
-demoapp.dom.types.javalang.floats.jdo.WrapperFloatJdoEntities +
-demoapp.dom.types.javalang.floats.jdo.WrapperFloatJdoSeedService +
-demoapp.dom.types.javalang.floats.samples.WrapperFloatSamples +
-demoapp.dom.types.javalang.integers.jdo.WrapperIntegerJdoEntities +
-demoapp.dom.types.javalang.integers.jdo.WrapperIntegerJdoSeedService +
-demoapp.dom.types.javalang.integers.samples.WrapperIntegerSamples +
-demoapp.dom.types.javalang.longs.jdo.WrapperLongJdoEntities +
-demoapp.dom.types.javalang.longs.jdo.WrapperLongJdoSeedService +
-demoapp.dom.types.javalang.longs.samples.WrapperLongSamples +
-demoapp.dom.types.javalang.shorts.jdo.WrapperShortJdoEntities +
-demoapp.dom.types.javalang.shorts.jdo.WrapperShortJdoSeedService +
-demoapp.dom.types.javalang.shorts.samples.WrapperShortSamples +
-demoapp.dom.types.javalang.strings.jdo.JavaLangStringJdoEntities +
-demoapp.dom.types.javalang.strings.jdo.JavaLangStringJdoSeedService +
-demoapp.dom.types.javalang.strings.samples.JavaLangStringSamples +
-demoapp.dom.types.javamath.bigdecimals.jdo.JavaMathBigDecimalJdoEntities +
-demoapp.dom.types.javamath.bigdecimals.jdo.JavaMathBigDecimalJdoSeedService +
-demoapp.dom.types.javamath.bigdecimals.samples.JavaMathBigDecimalSamples +
-demoapp.dom.types.javamath.bigintegers.jdo.JavaMathBigIntegerJdoEntities +
-demoapp.dom.types.javamath.bigintegers.jdo.JavaMathBigIntegerJdoSeedService +
-demoapp.dom.types.javamath.bigintegers.samples.JavaMathBigIntegerSamples +
-demoapp.dom.types.javanet.urls.jdo.JavaNetUrlJdoEntities +
-demoapp.dom.types.javanet.urls.jdo.JavaNetUrlJdoSeedService +
-demoapp.dom.types.javanet.urls.samples.JavaNetUrlSamples +
-demoapp.dom.types.javasql.javasqldate.jdo.JavaSqlDateJdoEntities +
-demoapp.dom.types.javasql.javasqldate.jdo.JavaSqlDateJdoSeedService +
-demoapp.dom.types.javasql.javasqldate.samples.JavaSqlDateSamples +
-demoapp.dom.types.javasql.javasqltimestamp.jdo.JavaSqlTimestampJdoEntities +
-demoapp.dom.types.javasql.javasqltimestamp.jdo.JavaSqlTimestampJdoSeedService +
-demoapp.dom.types.javasql.javasqltimestamp.samples.JavaSqlTimestampSamples +
-demoapp.dom.types.javatime.javatimelocaldate.jdo.JavaTimeLocalDateJdoEntities +
-demoapp.dom.types.javatime.javatimelocaldate.jdo.JavaTimeLocalDateJdoSeedService +
-demoapp.dom.types.javatime.javatimelocaldate.samples.JavaTimeLocalDateSamples +
-demoapp.dom.types.javatime.javatimelocaldatetime.jdo.JavaTimeLocalDateTimeJdoEntities +
-demoapp.dom.types.javatime.javatimelocaldatetime.jdo.JavaTimeLocalDateTimeJdoSeedService +
-demoapp.dom.types.javatime.javatimelocaldatetime.samples.JavaTimeLocalDateTimeSamples +
-demoapp.dom.types.javatime.javatimeoffsetdatetime.jdo.JavaTimeOffsetDateTimeJdoEntities +
-demoapp.dom.types.javatime.javatimeoffsetdatetime.jdo.JavaTimeOffsetDateTimeJdoSeedService +
-demoapp.dom.types.javatime.javatimeoffsetdatetime.samples.JavaTimeOffsetDateTimeSamples +
-demoapp.dom.types.javatime.javatimeoffsettime.jdo.JavaTimeOffsetTimeJdoEntities +
-demoapp.dom.types.javatime.javatimeoffsettime.jdo.JavaTimeOffsetTimeJdoSeedService +
-demoapp.dom.types.javatime.javatimeoffsettime.samples.JavaTimeOffsetTimeSamples +
-demoapp.dom.types.javatime.javatimezoneddatetime.jdo.JavaTimeZonedDateTimeJdoEntities +
-demoapp.dom.types.javatime.javatimezoneddatetime.jdo.JavaTimeZonedDateTimeJdoSeedService +
-demoapp.dom.types.javatime.javatimezoneddatetime.samples.JavaTimeZonedDateTimeSamples +
-demoapp.dom.types.javautil.javautildate.jdo.JavaUtilDateJdoEntities +
-demoapp.dom.types.javautil.javautildate.jdo.JavaUtilDateJdoSeedService +
-demoapp.dom.types.javautil.javautildate.samples.JavaUtilDateSamples +
-demoapp.dom.types.javautil.uuids.jdo.JavaUtilUuidJdoEntities +
-demoapp.dom.types.javautil.uuids.jdo.JavaUtilUuidJdoSeedService +
-demoapp.dom.types.javautil.uuids.samples.JavaUtilUuidSamples +
-demoapp.dom.types.jodatime.jodadatetime.jdo.JodaDateTimeJdoEntities +
-demoapp.dom.types.jodatime.jodadatetime.jdo.JodaDateTimeJdoSeedService +
-demoapp.dom.types.jodatime.jodadatetime.samples.JodaDateTimeSamples +
-demoapp.dom.types.jodatime.jodalocaldate.jdo.JodaLocalDateJdoEntities +
-demoapp.dom.types.jodatime.jodalocaldate.jdo.JodaLocalDateJdoSeedService +
-demoapp.dom.types.jodatime.jodalocaldate.samples.JodaLocalDateSamples +
-demoapp.dom.types.jodatime.jodalocaldatetime.jdo.JodaLocalDateTimeJdoEntities +
-demoapp.dom.types.jodatime.jodalocaldatetime.jdo.JodaLocalDateTimeJdoSeedService +
-demoapp.dom.types.jodatime.jodalocaldatetime.samples.JodaLocalDateTimeSamples +
-demoapp.dom.types.primitive.booleans.jdo.PrimitiveBooleanJdoEntities +
-demoapp.dom.types.primitive.booleans.jdo.PrimitiveBooleanJdoSeedService +
-demoapp.dom.types.primitive.bytes.jdo.PrimitiveByteJdoEntities +
-demoapp.dom.types.primitive.bytes.jdo.PrimitiveByteJdoSeedService +
-demoapp.dom.types.primitive.chars.jdo.PrimitiveCharJdoEntities +
-demoapp.dom.types.primitive.chars.jdo.PrimitiveCharJdoSeedService +
-demoapp.dom.types.primitive.doubles.jdo.PrimitiveDoubleJdoEntities +
-demoapp.dom.types.primitive.doubles.jdo.PrimitiveDoubleJdoSeedService +
-demoapp.dom.types.primitive.floats.jdo.PrimitiveFloatJdoEntities +
-demoapp.dom.types.primitive.floats.jdo.PrimitiveFloatJdoSeedService +
-demoapp.dom.types.primitive.ints.jdo.PrimitiveIntJdoEntities +
-demoapp.dom.types.primitive.ints.jdo.PrimitiveIntJdoSeedService +
-demoapp.dom.types.primitive.longs.jdo.PrimitiveLongJdoEntities +
-demoapp.dom.types.primitive.longs.jdo.PrimitiveLongJdoSeedService +
-demoapp.dom.types.primitive.shorts.jdo.PrimitiveShortJdoEntities +
-demoapp.dom.types.primitive.shorts.jdo.PrimitiveShortJdoSeedService +
-****
-
-.Dependencies
+|.Dependencies
****
com.h2database:h2:jar:<managed> +
org.apache.isis.extensions:isis-extensions-command-log-jdo:jar:<managed> +
@@ -1041,12 +877,7 @@ Artifact: demo-web
Type: jar
Directory: /examples/demo/web
----
-|.Components
-****
-demoapp.web._infra.utils.ThereCanBeOnlyOne +
-****
-
-.Dependencies
+|.Dependencies
****
org.apache.isis.examples.apps:demo-domain:jar:${project.version} +
org.apache.isis.extensions:isis-extensions-command-replay-primary:jar:<managed> +
@@ -1066,12 +897,7 @@ Artifact: demo-wicket
Type: jar
Directory: /examples/demo/wicket
----
-|.Components
-****
-demoapp.webapp.wicket.ui.custom.WhereInTheWorldPanelFactory +
-****
-
-.Dependencies
+|.Dependencies
****
org.apache.isis.examples.apps:demo-web:jar:${project.version} +
org.apache.isis.extensions:isis-extensions-pdfjs-ui:jar:<managed> +
@@ -2747,7 +2573,7 @@ org.datanucleus:javax.jdo:jar:<managed> +
.Document Index Entries
****
-xref:refguide:viewer:index/restfulobjects/viewer/IsisModuleViewerRestfulObjectsViewer.adoc[IsisModuleViewerRestfulObjectsViewer]
+xref:refguide:viewer:index/restfulobjects/viewer/IsisModuleViewerRestfulObjectsViewer.adoc[IsisModuleViewerRestfulObjectsViewer], xref:refguide:viewer:index/restfulobjects/viewer/webmodule/auth/AuthenticationStrategy.adoc[AuthenticationStrategy], xref:refguide:viewer:index/restfulobjects/viewer/webmodule/auth/AuthenticationStrategyAbstract.adoc[AuthenticationStrategyAbstract], xref:refguide:viewer:index/restfulobjects/viewer/webmodule/auth/AuthenticationStrategyBasicAuth.adoc[Authenticat [...]
****
|===
@@ -4552,6 +4378,7 @@ org.apache.isis.core:isis-core-config:jar:<managed> +
org.apache.isis.core:isis-core-internaltestsupport:jar:<managed> +
org.apache.isis.core:isis-core-runtime:jar:<managed> +
org.apache.isis.core:isis-schema:jar:<managed> +
+org.apache.isis.extensions:isis-extensions-command-log-jdo:jar:<managed> +
org.apache.isis.extensions:isis-extensions-quartz-impl:jar:<managed> +
org.apache.isis.mappings:isis-mappings-jaxrsclient-applib:jar:<managed> +
org.apache.isis.mappings:isis-mappings-jaxrsclient-impl:jar:<managed> +
@@ -4685,7 +4512,6 @@ Directory: /extensions/core/quartz/impl
****
org.apache.isis.core:isis-core-config:jar:<managed> +
org.apache.isis.core:isis-core-security:jar:<managed> +
-org.apache.isis.extensions:isis-extensions-command-log-jdo:jar:<managed> +
org.springframework.boot:spring-boot-starter-quartz:jar:<managed> +
****
@@ -5637,24 +5463,7 @@ Artifact: isis-regressiontests-stable
Type: jar
Directory: /regressiontests/stable
----
-|.Components
-****
-o.a.i.testdomain.applayer.ApplicationLayerTestFactory +
-o.a.i.testdomain.applayer.ApplicationLayerTestFactory$PreCommitListener +
-o.a.i.testdomain.applayer.publishing.CommandSubscriberForTesting +
-o.a.i.testdomain.applayer.publishing.EntityChangesSubscriberForTesting +
-o.a.i.testdomain.applayer.publishing.EntityPropertyChangeSubscriberForTesting +
-o.a.i.testdomain.applayer.publishing.ExecutionSubscriberForTesting +
-o.a.i.testdomain.conf.Configuration_headless$HeadlessCommandSupport +
-o.a.i.testdomain.jdo.JdoInventoryDao +
-o.a.i.testdomain.jpa.JpaInventoryDao +
-o.a.i.testdomain.jpa.springdata.EmployeeRepository +
-o.a.i.testdomain.util.interaction.InteractionBoundaryProbe +
-o.a.i.testdomain.util.kv.KVStoreForTesting +
-o.a.i.testdomain.util.rest.RestEndpointService +
-****
-
-.Dependencies
+|.Dependencies
****
org.apache.isis.extensions:isis-extensions-cors-impl:jar:<managed> +
org.glassfish.jersey.ext:jersey-spring5:jar:<managed> +
@@ -5842,30 +5651,7 @@ Artifact: isis-viewer-javafx-ui
Type: jar
Directory: /incubator/viewers/javafx/ui
----
-|.Components
-****
-o.a.i.incubator.viewer.javafx.ui.components.UiComponentFactoryFx +
-o.a.i.incubator.viewer.javafx.ui.components.markup.MarkupFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.components.number.NumberFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.components.objectref.ObjectReferenceFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.components.other.FallbackFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.components.temporal.TemporalFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.components.text.TextFieldFactory +
-o.a.i.incubator.viewer.javafx.ui.decorator.disabling.DisablingDecoratorForButton +
-o.a.i.incubator.viewer.javafx.ui.decorator.disabling.DisablingDecoratorForFormField +
-o.a.i.incubator.viewer.javafx.ui.decorator.icon.IconDecoratorForLabeled +
-o.a.i.incubator.viewer.javafx.ui.decorator.icon.IconDecoratorForMenuItem +
-o.a.i.incubator.viewer.javafx.ui.decorator.icon.IconServiceDefault +
-o.a.i.incubator.viewer.javafx.ui.decorator.prototyping.PrototypingDecoratorForButton +
-o.a.i.incubator.viewer.javafx.ui.decorator.prototyping.PrototypingDecoratorForFormField +
-o.a.i.incubator.viewer.javafx.ui.decorator.prototyping.PrototypingInfoPopupProvider +
-o.a.i.incubator.viewer.javafx.ui.main.MainViewFx +
-o.a.i.incubator.viewer.javafx.ui.main.UiActionHandlerFx +
-o.a.i.incubator.viewer.javafx.ui.main.UiBuilderFx +
-o.a.i.incubator.viewer.javafx.ui.main.UiContextFxDefault +
-****
-
-.Dependencies
+|.Dependencies
****
org.apache.isis.core:isis-core-runtimeservices:jar:<managed> +
org.apache.isis.incubator.viewer:isis-viewer-javafx-model:jar:<managed> +
diff --git a/extensions/security/secman/adoc/modules/secman/pages/about.adoc b/extensions/security/secman/adoc/modules/secman/pages/about.adoc
index 0291fbb..98f0b79 100644
--- a/extensions/security/secman/adoc/modules/secman/pages/about.adoc
+++ b/extensions/security/secman/adoc/modules/secman/pages/about.adoc
@@ -135,21 +135,55 @@ public class ApplicationTenancyEvaluatorUsingAtPath implements ApplicationTenanc
<.> SecMan provides the xref:refguide:extensions:index/secman/api/tenancy/HasAtPath.adoc[HasAtPath] interface to standardize the way in which domain objects expose their "tag" (atPath) to the evaluator.
<.> can view all objects (above and below) within the user's hierarchy
+
-for example:
+For example:
+
-* obj = '/', user = '/ITA' : visible
-* obj = '/ITA', user = '/ITA' : visible
-* obj = '/ITA/MIL', user = '/ITA' : visible
-* obj = '/FRA', user = '/ITA' : not visible
+[cols="2m,2m,2a"]
+|===
+| Object atPath | User atPath | Visibility
+
+|/
+|/ITA
+|visible
+
+|/ITA
+|/ITA
+|visible
+
+|/ITA/MIL
+|/ITA
+|visible
+
+|/FRA
+|/ITA
+|not visible
+
+|===
<.> can edit only objects at or below the user's hierarchy
+
-for example:
+For example:
+
-* obj = '/', user = '/ITA' : not editable
-* obj = '/ITA', user = '/ITA' : editable
-* obj = '/ITA/MIL', user = '/ITA' : editable
-* obj = '/FRA', user = '/ITA' : not editable
+[cols="2m,2m,2a"]
+|===
+| Object atPath | User atPath | Outcome
+
+|/
+|/ITA
+|disabled
+
+|/ITA
+|/ITA
+|enabled
+
+|/ITA/MIL
+|/ITA
+|enabled
+
+|/FRA
+|/ITA
+|n/a (not visible)
+
+|===
More complex implementations are possible: ultimately the "atPath" properties are just strings and so can be interpreted in whatever way makes sense.
For example, to allow a user to be able to access objects from multiple countries, we could use a format such as "/ITA;/BEL".