You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/05/23 14:12:32 UTC

[isis] 01/01: Merge branch '2.0.0-M5'

This is an automated email from the ASF dual-hosted git repository.

danhaywood pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git

commit 29c7a201e60e28e6f81b5773193e2a88f28d8d4e
Merge: d79a744 909d110
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Sun May 23 15:11:21 2021 +0100

    Merge branch '2.0.0-M5'

 .../components/docs/modules/ROOT/pages/about.adoc  |   2 +-
 .../ErrorReportingService_010-implementation.adoc  |   2 +-
 .../pages/index/restclient/RestfulClient.adoc      |   2 +
 .../api/tenancy/ApplicationTenancyEvaluator.adoc   |  34 ++-
 .../index/secman/api/user/ApplicationUser.adoc     |  30 ++-
 core/adoc/modules/_overview/pages/about.adoc       |  78 +-----
 .../modules/config/pages/sections/datanucleus.adoc |   2 +-
 .../src/main/adoc/modules/demo/pages/about.adoc    |  10 +-
 .../adoc/modules/model-annotation/pages/about.adoc |   0
 .../secman/images/secman-domain-model.drawio.svg   |   1 +
 .../images/secman-shiro-architecture.drawio.svg    |   1 +
 .../secman-shiro-delegate-architecture.drawio.svg  |   1 +
 ...s-security-module-realm-with-delegate-realm.PNG | Bin 45089 -> 0 bytes
 ...iro-to-use-isisaddons-security-module-realm.PNG | Bin 38713 -> 0 bytes
 .../secman/adoc/modules/secman/pages/about.adoc    | 273 ++++++++++++++++++-
 .../secman/adoc/modules/secman/pages/api.adoc      |   7 -
 .../modules/secman/pages/jbcrypt-encryption.adoc   |   7 -
 .../adoc/modules/secman/pages/jdo-persistence.adoc |   7 -
 .../adoc/modules/secman/pages/jpa-persistence.adoc |   8 -
 .../secman/adoc/modules/secman/pages/model.adoc    |   7 -
 .../adoc/modules/secman/pages/setting-up.adoc      | 288 +++++++++++++++++++++
 .../adoc/modules/secman/pages/shiro-realm.adoc     |  34 ---
 .../adoc/modules/secman/partials/module-nav.adoc   |  11 +-
 .../tenancy/spi/ApplicationTenancyEvaluator.java   |  35 ++-
 .../secman/api/user/ApplicationUser.java           |   0
 .../secman/shiro/PrincipalForApplicationUser.java  |   4 -
 .../adoc/modules/jaxrsclient/pages/about.adoc      |   8 +-
 .../impl/client/JaxRsClientDefault.java            |   3 +
 .../adoc/modules/restclient/pages/about.adoc       |   5 +-
 .../isis/extensions/restclient/RestfulClient.java  |   5 +
 starters/adoc/modules/parent-pom/pages/about.adoc  |  23 ++
 starters/adoc/modules/starters/pages/about.adoc    |  23 +-
 .../adoc/modules/starters/pages/helloworld.adoc    |   9 +-
 .../adoc/modules/starters/pages/simpleapp.adoc     | 112 ++------
 .../modules/tooling-cli/examples/isis-tooling.yml  | 148 +++++------
 .../pages/extending/replacing-page-elements.adoc   |   2 +-
 .../modules/ROOT/pages/features/where-am-i.adoc    |   2 +-
 37 files changed, 831 insertions(+), 353 deletions(-)

diff --cc extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
index 0000000,09d1dfa..e69de29
mode 000000,100644..100644
--- a/extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
+++ b/extensions/core/model-annotation/adoc/modules/model-annotation/pages/about.adoc
diff --cc extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
index d508297,0000000..91081dd
mode 100644,000000..100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/tenancy/spi/ApplicationTenancyEvaluator.java
@@@ -1,53 -1,0 +1,86 @@@
 +/*
 + *  Licensed to the Apache Software Foundation (ASF) under one
 + *  or more contributor license agreements.  See the NOTICE file
 + *  distributed with this work for additional information
 + *  regarding copyright ownership.  The ASF licenses this file
 + *  to you under the Apache License, Version 2.0 (the
 + *  "License"); you may not use this file except in compliance
 + *  with the License.  You may obtain a copy of the License at
 + *
 + *        http://www.apache.org/licenses/LICENSE-2.0
 + *
 + *  Unless required by applicable law or agreed to in writing,
 + *  software distributed under the License is distributed on an
 + *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 + *  KIND, either express or implied.  See the License for the
 + *  specific language governing permissions and limitations
 + *  under the License.
 + */
 +package org.apache.isis.extensions.secman.api.tenancy.spi;
 +
 +import org.apache.isis.extensions.secman.api.user.dom.ApplicationUser;
 +
 +/**
 + * Optional SPI interface to be implemented by a domain service, providing an alternative mechanism for evaluating the
 + * application tenancy of the object being interacted with (the "what") and optionally also the tenancy of the user
 + * making the call (the "who").
 + *
 + * @see #handles(Class)
 + *
 + * @since 2.0 {@index}
 + */
 +public interface ApplicationTenancyEvaluator {
 +
 +    /**
 +     * Whether this evaluator can determine the tenancy of the specified domain entity (such as <tt>ToDoItem</tt>)
 +     * being interacted with (the "what").
 +     *
 +     * <p>
 +     *     This method is also called to determine if the evaluator is also able to determine the tenancy of the
 +     *     security module's own {@link ApplicationUser}, ie the "who" is
 +     *     doing the interacting.  If the evaluator does not handle the class, then the fallback behaviour is
 +     *     to invoke {@link ApplicationUser#getAtPath()}} on the {@link ApplicationUser} and use the
 +     *     path from that.
 +     * </p>
 +     */
 +    boolean handles(Class<?> cls);
 +
++    /**
++     * Whether this domain object should not be visible to the specified
++     * {@link ApplicationUser user}.
++     *
++     * <p>
++     *     The domain object will be one that is handled by this evaluator,
++     *     in other words that {@link #handles(Class)} was previously called
++     *     and the evaluator returned <code>true</code>.
++     * </p>
++     * <p>
++     *     A non-null return value means that the object should be hidden.
++     * </p>
++     */
 +    String hides(Object domainObject, ApplicationUser applicationUser);
 +
++    /**
++     * Whether the object members of this domain object should be
++     * disabled/read-only for the specified {@link ApplicationUser user}.
++     *
++     * <p>
++     *     The domain object will be one that is handled by this evaluator,
++     *     in other words that {@link #handles(Class)} was previously called
++     *     and the evaluator returned <code>true</code>.
++     * </p>
++     *
++     * <p>
++     *     This method is only called after
++     *     {@link #hides(Object, ApplicationUser)} and only if that method
++     *     returned <code>false</code>.
++     * </p>
++     *
++     * <p>
++     *     A non-null return value means that the object should be disabled,
++     *     and is used as the reason why the object member is disabled.
++     * </p>
++     */
 +    String disables(Object domainObject, ApplicationUser applicationUser);
 +
- 
 +}
diff --cc extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java
index 0000000,5562353..e69de29
mode 000000,100644..100644
--- a/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java
+++ b/extensions/security/secman/api/src/main/java/org/apache/isis/extensions/secman/api/user/ApplicationUser.java