You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/05/23 14:12:32 UTC
[isis] 01/01: Merge branch '2.0.0-M5'
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 29c7a201e60e28e6f81b5773193e2a88f28d8d4e
Merge: d79a744 909d110
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Sun May 23 15:11:21 2021 +0100
Merge branch '2.0.0-M5'
.../components/docs/modules/ROOT/pages/about.adoc | 2 +-
.../ErrorReportingService_010-implementation.adoc | 2 +-
.../pages/index/restclient/RestfulClient.adoc | 2 +
.../api/tenancy/ApplicationTenancyEvaluator.adoc | 34 ++-
.../index/secman/api/user/ApplicationUser.adoc | 30 ++-
core/adoc/modules/_overview/pages/about.adoc | 78 +-----
.../modules/config/pages/sections/datanucleus.adoc | 2 +-
.../src/main/adoc/modules/demo/pages/about.adoc | 10 +-
.../adoc/modules/model-annotation/pages/about.adoc | 0
.../secman/images/secman-domain-model.drawio.svg | 1 +
.../images/secman-shiro-architecture.drawio.svg | 1 +
.../secman-shiro-delegate-architecture.drawio.svg | 1 +
...s-security-module-realm-with-delegate-realm.PNG | Bin 45089 -> 0 bytes
...iro-to-use-isisaddons-security-module-realm.PNG | Bin 38713 -> 0 bytes
.../secman/adoc/modules/secman/pages/about.adoc | 273 ++++++++++++++++++-
.../secman/adoc/modules/secman/pages/api.adoc | 7 -
.../modules/secman/pages/jbcrypt-encryption.adoc | 7 -
.../adoc/modules/secman/pages/jdo-persistence.adoc | 7 -
.../adoc/modules/secman/pages/jpa-persistence.adoc | 8 -
.../secman/adoc/modules/secman/pages/model.adoc | 7 -
.../adoc/modules/secman/pages/setting-up.adoc | 288 +++++++++++++++++++++
.../adoc/modules/secman/pages/shiro-realm.adoc | 34 ---
.../adoc/modules/secman/partials/module-nav.adoc | 11 +-
.../tenancy/spi/ApplicationTenancyEvaluator.java | 35 ++-
.../secman/api/user/ApplicationUser.java | 0
.../secman/shiro/PrincipalForApplicationUser.java | 4 -
.../adoc/modules/jaxrsclient/pages/about.adoc | 8 +-
.../impl/client/JaxRsClientDefault.java | 3 +
.../adoc/modules/restclient/pages/about.adoc | 5 +-
.../isis/extensions/restclient/RestfulClient.java | 5 +
starters/adoc/modules/parent-pom/pages/about.adoc | 23 ++
starters/adoc/modules/starters/pages/about.adoc | 23 +-
.../adoc/modules/starters/pages/helloworld.adoc | 9 +-
.../adoc/modules/starters/pages/simpleapp.adoc | 112 ++------
.../modules/tooling-cli/examples/isis-tooling.yml | 148 +++++------
.../pages/extending/replacing-page-elements.adoc | 2 +-
.../modules/ROOT/pages/features/where-am-i.adoc | 2 +-
37 files changed, 831 insertions(+), 353 deletions(-)
diff --cc extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
index 0000000,09d1dfa..e69de29
mode 000000,100644..100644
--- a/extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
+++ b/extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
diff --cc extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
index d508297,0000000..91081dd
mode 100644,000000..100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
@@@ -1,53 -1,0 +1,86 @@@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.isis.extensions.secman.api.tenancy.spi;
+
+import org.apache.isis.extensions.secman.api.user.dom.ApplicationUser;
+
+/**
+ * Optional SPI interface to be implemented by a domain service, providing an alternative mechanism for evaluating the
+ * application tenancy of the object being interacted with (the "what") and optionally also the tenancy of the user
+ * making the call (the "who").
+ *
+ * @see #handles(Class)
+ *
+ * @since 2.0 {@index}
+ */
+public interface ApplicationTenancyEvaluator {
+
+ /**
+ * Whether this evaluator can determine the tenancy of the specified domain entity (such as <tt>ToDoItem</tt>)
+ * being interacted with (the "what").
+ *
+ * <p>
+ * This method is also called to determine if the evaluator is also able to determine the tenancy of the
+ * security module's own {@link ApplicationUser}, ie the "who" is
+ * doing the interacting. If the evaluator does not handle the class, then the fallback behaviour is
+ * to invoke {@link ApplicationUser#getAtPath()}} on the {@link ApplicationUser} and use the
+ * path from that.
+ * </p>
+ */
+ boolean handles(Class<?> cls);
+
++ /**
++ * Whether this domain object should not be visible to the specified
++ * {@link ApplicationUser user}.
++ *
++ * <p>
++ * The domain object will be one that is handled by this evaluator,
++ * in other words that {@link #handles(Class)} was previously called
++ * and the evaluator returned <code>true</code>.
++ * </p>
++ * <p>
++ * A non-null return value means that the object should be hidden.
++ * </p>
++ */
+ String hides(Object domainObject, ApplicationUser applicationUser);
+
++ /**
++ * Whether the object members of this domain object should be
++ * disabled/read-only for the specified {@link ApplicationUser user}.
++ *
++ * <p>
++ * The domain object will be one that is handled by this evaluator,
++ * in other words that {@link #handles(Class)} was previously called
++ * and the evaluator returned <code>true</code>.
++ * </p>
++ *
++ * <p>
++ * This method is only called after
++ * {@link #hides(Object, ApplicationUser)} and only if that method
++ * returned <code>false</code>.
++ * </p>
++ *
++ * <p>
++ * A non-null return value means that the object should be disabled,
++ * and is used as the reason why the object member is disabled.
++ * </p>
++ */
+ String disables(Object domainObject, ApplicationUser applicationUser);
+
-
+}
diff --cc extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java
index 0000000,5562353..e69de29
mode 000000,100644..100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java