You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2022/01/14 08:25:24 UTC

[isis] branch master updated: ISIS-2729: updating comments

This is an automated email from the ASF dual-hosted git repository.

ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git


The following commit(s) were added to refs/heads/master by this push:
     new bcea995  ISIS-2729: updating comments
bcea995 is described below

commit bcea9957ea70d87ea7bd21ad5765173db45f13ff
Author: Andi Huber <ah...@apache.org>
AuthorDate: Fri Jan 14 09:25:16 2022 +0100

    ISIS-2729: updating comments
---
 .../java/org/apache/isis/applib/services/user/ImpersonateMenu.java    | 4 ++--
 .../apache/isis/security/spring/webmodule/SpringSecurityFilter.java   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/applib/src/main/java/org/apache/isis/applib/services/user/ImpersonateMenu.java b/api/applib/src/main/java/org/apache/isis/applib/services/user/ImpersonateMenu.java
index e2b7930..f4e27b9 100644
--- a/api/applib/src/main/java/org/apache/isis/applib/services/user/ImpersonateMenu.java
+++ b/api/applib/src/main/java/org/apache/isis/applib/services/user/ImpersonateMenu.java
@@ -99,7 +99,7 @@ public class ImpersonateMenu {
         @MemberSupport public void act(
                 final String userName) {
 
-            // TODO: should use an SPI for each configured viewer to add in its own role if necessary.
+            // adds generic authorized user role to indicate 'authorized' (as required by Wicket viewer)
             userService.impersonateUser(userName, Collections.singletonList(UserMemento.AUTHORIZED_USER_ROLE), null);
             messageService.informUser("Now impersonating " + userName);
         }
@@ -146,7 +146,7 @@ public class ImpersonateMenu {
                 final List<String> roleNames,
                 final String multiTenancyToken) {
 
-            // TODO: should use an SPI for each configured viewer to add in its own role if necessary.
+            // adds generic authorized user role to indicate 'authorized' (as required by Wicket viewer)
             val roleNamesCopy = new ArrayList<>(roleNames);
             if(!roleNamesCopy.contains(UserMemento.AUTHORIZED_USER_ROLE)) {
                 roleNamesCopy.add(UserMemento.AUTHORIZED_USER_ROLE);
diff --git a/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/SpringSecurityFilter.java b/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/SpringSecurityFilter.java
index 521b608..c958e4d 100644
--- a/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/SpringSecurityFilter.java
+++ b/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/SpringSecurityFilter.java
@@ -80,7 +80,7 @@ public class SpringSecurityFilter implements Filter {
             return; // unknown principal type, not handled
         }
 
-        // TODO: this should be added by Wicket viewer
+        // adds generic authorized user role to indicate 'authorized' (as required by Wicket viewer)
         userMemento = userMemento.withRoleAdded(UserMemento.AUTHORIZED_USER_ROLE)
                 .withAuthenticationSource(AuthenticationSource.EXTERNAL);