You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2019/12/12 17:16:25 UTC
[isis] branch master updated: ISIS-2177: lift
AuthenticationSession.getRoles() deprecation
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/master by this push:
new 89dab88 ISIS-2177: lift AuthenticationSession.getRoles() deprecation
89dab88 is described below
commit 89dab88b19879edafa164184db651511b8800ef4
Author: Andi Huber <ah...@apache.org>
AuthorDate: Thu Dec 12 18:16:14 2019 +0100
ISIS-2177: lift AuthenticationSession.getRoles() deprecation
instead make the return type immutable (Can<String>)
---
.../org/apache/isis/commons/collections/Can.java | 14 +++++++
.../services/user/UserServiceDefault.java | 43 ++++++++++------------
.../persistence/PersistenceSessionFactory5.java | 4 --
.../auth/AuthenticationSessionProviderDefault.java | 18 ++++-----
.../runtime/session/IsisSessionFactoryDefault.java | 14 ++-----
.../api/authentication/AuthenticationSession.java | 16 +-------
.../AuthenticationSessionAbstract.java | 10 ++++-
.../manager/AuthorizationManager.java | 16 ++++----
.../viewer/resources/UserReprRenderer.java | 2 +-
.../AuthenticatedWebSessionForIsis.java | 2 +-
10 files changed, 64 insertions(+), 75 deletions(-)
diff --git a/core/commons/src/main/java/org/apache/isis/commons/collections/Can.java b/core/commons/src/main/java/org/apache/isis/commons/collections/Can.java
index 521c0cd..44fa514 100644
--- a/core/commons/src/main/java/org/apache/isis/commons/collections/Can.java
+++ b/core/commons/src/main/java/org/apache/isis/commons/collections/Can.java
@@ -186,6 +186,18 @@ public interface Can<T> extends Iterable<T> {
return Can_Multiple.of(nonNullElements);
}
+
+ public static <T> Can<T> ofIterable(@Nullable Iterable<T> iterable) {
+
+ if(iterable==null) {
+ return empty();
+ }
+
+ val elements = new ArrayList<T>();
+ iterable.forEach(elements::add);
+
+ return ofCollection(elements);
+ }
/**
* Returns either a {@code Can} with all the elements from given {@code stream}
@@ -363,5 +375,7 @@ public interface Can<T> extends Iterable<T> {
Can::ofCollection);
}
+
+
}
diff --git a/core/metamodel/src/main/java/org/apache/isis/metamodel/services/user/UserServiceDefault.java b/core/metamodel/src/main/java/org/apache/isis/metamodel/services/user/UserServiceDefault.java
index d229184..97a7b05 100644
--- a/core/metamodel/src/main/java/org/apache/isis/metamodel/services/user/UserServiceDefault.java
+++ b/core/metamodel/src/main/java/org/apache/isis/metamodel/services/user/UserServiceDefault.java
@@ -19,8 +19,6 @@
package org.apache.isis.metamodel.services.user;
-import lombok.extern.log4j.Log4j2;
-
import java.util.ArrayList;
import java.util.List;
import java.util.Stack;
@@ -28,26 +26,29 @@ import java.util.Stack;
import javax.inject.Inject;
import javax.inject.Named;
-import org.apache.isis.applib.annotation.OrderPrecedence;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Primary;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
+import org.apache.isis.applib.annotation.OrderPrecedence;
import org.apache.isis.applib.security.RoleMemento;
import org.apache.isis.applib.security.UserMemento;
import org.apache.isis.applib.services.sudo.SudoService;
import org.apache.isis.applib.services.user.UserService;
-import org.apache.isis.security.api.authentication.AuthenticationSession;
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.security.api.authentication.AuthenticationSessionProvider;
+import lombok.val;
+
@Service
@Named("isisMetaModel.UserServiceDefault")
@Order(OrderPrecedence.MIDPOINT)
@Primary
@Qualifier("Default")
-@Log4j2
public class UserServiceDefault implements UserService {
+
+ @Inject private AuthenticationSessionProvider authenticationSessionProvider;
@Override
public UserMemento getUser() {
@@ -58,7 +59,7 @@ public class UserServiceDefault implements UserService {
final String username = userAndRoleOverrides.user;
- final List<String> roles;
+ final Can<String> roles;
if (userAndRoleOverrides.roles != null) {
roles = userAndRoleOverrides.roles;
} else {
@@ -70,40 +71,38 @@ public class UserServiceDefault implements UserService {
return new UserMemento(username, roleMementos);
} else {
- final AuthenticationSession session =
+ val authenticationSession =
authenticationSessionProvider.getAuthenticationSession();
- return session.createUserMemento();
+ return authenticationSession.createUserMemento();
}
}
- private List<String> previousRoles() {
- final List<String> roles;
-
- final AuthenticationSession session =
+ private Can<String> previousRoles() {
+ val authenticationSession =
authenticationSessionProvider.getAuthenticationSession();
- roles = session.getRoles();
+ val roles = authenticationSession.getRoles();
return roles;
}
public static class UserAndRoleOverrides {
final String user;
- final List<String> roles;
+ final Can<String> roles;
UserAndRoleOverrides(final String user) {
this(user, null);
}
- UserAndRoleOverrides(final String user, final List<String> roles) {
+ UserAndRoleOverrides(final String user, final Iterable<String> roles) {
this.user = user;
- this.roles = roles;
+ this.roles = Can.ofIterable(roles);
}
public String getUser() {
return user;
}
- public List<String> getRoles() {
+ public Can<String> getRoles() {
return roles;
}
}
@@ -117,7 +116,7 @@ public class UserServiceDefault implements UserService {
private void overrideUserAndRoles(final String user, final List<String> rolesIfAny) {
- final List<String> roles = rolesIfAny != null ? rolesIfAny : inheritRoles();
+ final Iterable<String> roles = rolesIfAny != null ? rolesIfAny : inheritRoles();
this.overrides.get().push(new UserAndRoleOverrides(user, roles));
}
@@ -135,14 +134,14 @@ public class UserServiceDefault implements UserService {
: null;
}
- private List<String> inheritRoles() {
+ private Can<String> inheritRoles() {
final UserAndRoleOverrides currentOverridesIfAny = currentOverridesIfAny();
return currentOverridesIfAny != null
? currentOverridesIfAny.getRoles()
: authenticationSessionProvider.getAuthenticationSession().getRoles();
}
- private static List<RoleMemento> asRoleMementos(final List<String> roles) {
+ private static List<RoleMemento> asRoleMementos(final Can<String> roles) {
final List<RoleMemento> mementos = new ArrayList<RoleMemento>();
if (roles != null) {
for (final String role : roles) {
@@ -157,7 +156,6 @@ public class UserServiceDefault implements UserService {
@Named("isisMetaModel.UserServiceDefault.SudoServiceSpi")
@Order(OrderPrecedence.MIDPOINT)
@Qualifier("UserServiceDefault")
- @Log4j2
public static class SudoServiceSpi implements SudoService.Spi {
@Override
@@ -174,7 +172,6 @@ public class UserServiceDefault implements UserService {
UserServiceDefault userServiceDefault;
}
- @Inject
- AuthenticationSessionProvider authenticationSessionProvider;
+
}
diff --git a/core/persistence/jdo/datanucleus-5/src/main/java/org/apache/isis/persistence/jdo/datanucleus5/persistence/PersistenceSessionFactory5.java b/core/persistence/jdo/datanucleus-5/src/main/java/org/apache/isis/persistence/jdo/datanucleus5/persistence/PersistenceSessionFactory5.java
index 5f1845b..9d2fa62 100644
--- a/core/persistence/jdo/datanucleus-5/src/main/java/org/apache/isis/persistence/jdo/datanucleus5/persistence/PersistenceSessionFactory5.java
+++ b/core/persistence/jdo/datanucleus-5/src/main/java/org/apache/isis/persistence/jdo/datanucleus5/persistence/PersistenceSessionFactory5.java
@@ -204,10 +204,6 @@ implements PersistenceSessionFactory, FixturesInstalledStateHolder {
this.storeLifecycleListener = null;
}
- /**
- * Called by {@link org.apache.isis.runtime.session.IsisSessionFactory#openSession(AuthenticationSession)}.
- */
-
@Override
public PersistenceSession5 createPersistenceSession(
final AuthenticationSession authenticationSession) {
diff --git a/core/runtime-services/src/main/java/org/apache/isis/runtime/services/auth/AuthenticationSessionProviderDefault.java b/core/runtime-services/src/main/java/org/apache/isis/runtime/services/auth/AuthenticationSessionProviderDefault.java
index 97fe70f..0ed138b 100644
--- a/core/runtime-services/src/main/java/org/apache/isis/runtime/services/auth/AuthenticationSessionProviderDefault.java
+++ b/core/runtime-services/src/main/java/org/apache/isis/runtime/services/auth/AuthenticationSessionProviderDefault.java
@@ -18,19 +18,15 @@
*/
package org.apache.isis.runtime.services.auth;
-import lombok.extern.log4j.Log4j2;
-
-import java.util.List;
-
import javax.inject.Inject;
import javax.inject.Named;
-import org.apache.isis.applib.annotation.OrderPrecedence;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Primary;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
+import org.apache.isis.applib.annotation.OrderPrecedence;
import org.apache.isis.metamodel.services.user.UserServiceDefault;
import org.apache.isis.runtime.session.IsisSession;
import org.apache.isis.runtime.session.IsisSessionFactory;
@@ -38,12 +34,13 @@ import org.apache.isis.security.api.authentication.AuthenticationSession;
import org.apache.isis.security.api.authentication.AuthenticationSessionProvider;
import org.apache.isis.security.api.authentication.standard.SimpleSession;
+import lombok.val;
+
@Service
@Named("isisRuntimeServices.AuthenticationSessionProviderDefault")
@Order(OrderPrecedence.MIDPOINT)
@Primary
@Qualifier("Default")
-@Log4j2
public class AuthenticationSessionProviderDefault implements AuthenticationSessionProvider {
@Inject protected UserServiceDefault userServiceDefault;
@@ -59,13 +56,12 @@ public class AuthenticationSessionProviderDefault implements AuthenticationSessi
@Override
public AuthenticationSession getAuthenticationSession() {
- // if user/role has been overridden by SudoService, then honour that value.
- final UserServiceDefault.UserAndRoleOverrides userAndRoleOverrides =
- userServiceDefault.currentOverridesIfAny();
+ // if user/role has been overridden by SudoService, then honor that value.
+ val userAndRoleOverrides = userServiceDefault.currentOverridesIfAny();
if(userAndRoleOverrides != null) {
- final String user = userAndRoleOverrides.getUser();
- final List<String> roles = userAndRoleOverrides.getRoles();
+ val user = userAndRoleOverrides.getUser();
+ val roles = userAndRoleOverrides.getRoles();
return new SimpleSession(user, roles);
}
diff --git a/core/runtime/src/main/java/org/apache/isis/runtime/session/IsisSessionFactoryDefault.java b/core/runtime/src/main/java/org/apache/isis/runtime/session/IsisSessionFactoryDefault.java
index aec56d7..bd6e153 100644
--- a/core/runtime/src/main/java/org/apache/isis/runtime/session/IsisSessionFactoryDefault.java
+++ b/core/runtime/src/main/java/org/apache/isis/runtime/session/IsisSessionFactoryDefault.java
@@ -27,7 +27,6 @@ import javax.annotation.PreDestroy;
import javax.inject.Inject;
import javax.inject.Named;
-import org.apache.isis.applib.annotation.OrderPrecedence;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Primary;
import org.springframework.context.event.ContextRefreshedEvent;
@@ -35,6 +34,10 @@ import org.springframework.context.event.EventListener;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
+import org.apache.isis.applib.annotation.OrderPrecedence;
+import org.apache.isis.applib.util.schema.ChangesDtoUtils;
+import org.apache.isis.applib.util.schema.CommandDtoUtils;
+import org.apache.isis.applib.util.schema.InteractionDtoUtils;
import org.apache.isis.commons.internal.collections._Sets;
import org.apache.isis.commons.internal.concurrent._ConcurrentContext;
import org.apache.isis.commons.internal.concurrent._ConcurrentTaskList;
@@ -45,12 +48,8 @@ import org.apache.isis.metamodel.specloader.SpecificationLoader;
import org.apache.isis.runtime.context.session.RuntimeEventService;
import org.apache.isis.runtime.session.init.IsisLocaleInitializer;
import org.apache.isis.runtime.session.init.IsisTimeZoneInitializer;
-import org.apache.isis.applib.util.schema.ChangesDtoUtils;
-import org.apache.isis.applib.util.schema.CommandDtoUtils;
-import org.apache.isis.applib.util.schema.InteractionDtoUtils;
import org.apache.isis.security.api.authentication.AuthenticationSession;
import org.apache.isis.security.api.authentication.manager.AuthenticationManager;
-import org.apache.isis.security.api.authorization.manager.AuthorizationManager;
import static org.apache.isis.commons.internal.base._With.requires;
@@ -76,7 +75,6 @@ import lombok.extern.log4j.Log4j2;
public class IsisSessionFactoryDefault implements IsisSessionFactory {
@Inject private AuthenticationManager authenticationManager;
- @Inject private AuthorizationManager authorizationManager;
@Inject private RuntimeEventService runtimeEventService;
@Inject private SpecificationLoader specificationLoader;
@Inject private MetaModelContext metaModelContext;
@@ -189,9 +187,5 @@ public class IsisSessionFactoryDefault implements IsisSessionFactory {
}
}
- private AuthorizationManager getAuthorizationManager() {
- return authorizationManager;
- }
-
}
diff --git a/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSession.java b/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSession.java
index 2331198..3d6bbe0 100644
--- a/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSession.java
+++ b/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSession.java
@@ -20,11 +20,9 @@
package org.apache.isis.security.api.authentication;
import java.io.Serializable;
-import java.util.List;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
import org.apache.isis.applib.security.UserMemento;
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.commons.internal.encoding.Encodable;
import org.apache.isis.security.api.authentication.manager.AuthenticationManager;
@@ -42,18 +40,8 @@ public interface AuthenticationSession extends Encodable, Serializable {
/**
* The roles this user belongs to
- * @deprecated use streamRoles()
*/
- @Deprecated
- default List<String> getRoles() {
- return streamRoles().collect(Collectors.toList());
- }
-
- /**
- * The roles this user belongs to
- * @since 2.0
- */
- Stream<String> streamRoles();
+ Can<String> getRoles();
/**
* Whether this user has specified {@code role}
diff --git a/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSessionAbstract.java b/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSessionAbstract.java
index 1d14417..c8836c6 100644
--- a/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSessionAbstract.java
+++ b/core/security/api/src/main/java/org/apache/isis/security/api/authentication/AuthenticationSessionAbstract.java
@@ -32,6 +32,7 @@ import java.util.stream.Stream;
import org.apache.isis.applib.security.RoleMemento;
import org.apache.isis.applib.security.UserMemento;
import org.apache.isis.applib.util.ToString;
+import org.apache.isis.commons.collections.Can;
import org.apache.isis.commons.internal.base._Strings;
import org.apache.isis.commons.internal.collections._Lists;
import org.apache.isis.commons.internal.collections._Sets;
@@ -48,6 +49,7 @@ public abstract class AuthenticationSessionAbstract implements AuthenticationSes
private final String name;
private final Set<String> roles = _Sets.newHashSet();
+ private transient Can<String> rolesImmutable;
private final String validationCode;
private final Map<String, Object> attributeByName = new HashMap<String, Object>();
@@ -73,6 +75,7 @@ public abstract class AuthenticationSessionAbstract implements AuthenticationSes
public AuthenticationSessionAbstract(final DataInputExtended input) throws IOException {
this.name = input.readUTF();
this.roles.addAll(Arrays.asList(input.readUTFs()));
+
this.validationCode = input.readUTF();
this.messageBroker = new MessageBroker();
// nothing to do
@@ -102,8 +105,11 @@ public abstract class AuthenticationSessionAbstract implements AuthenticationSes
// -- Roles
@Override
- public Stream<String> streamRoles() {
- return roles.stream();
+ public Can<String> getRoles() {
+ if(rolesImmutable==null) { // lazy in support of serialization
+ rolesImmutable = Can.ofCollection(roles);
+ }
+ return rolesImmutable;
}
@Override
diff --git a/core/security/api/src/main/java/org/apache/isis/security/api/authorization/manager/AuthorizationManager.java b/core/security/api/src/main/java/org/apache/isis/security/api/authorization/manager/AuthorizationManager.java
index ffe866d..570b7c0 100644
--- a/core/security/api/src/main/java/org/apache/isis/security/api/authorization/manager/AuthorizationManager.java
+++ b/core/security/api/src/main/java/org/apache/isis/security/api/authorization/manager/AuthorizationManager.java
@@ -19,20 +19,19 @@
package org.apache.isis.security.api.authorization.manager;
-import lombok.extern.log4j.Log4j2;
-
import javax.inject.Inject;
import javax.inject.Named;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Primary;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Service;
+
import org.apache.isis.applib.Identifier;
import org.apache.isis.applib.annotation.OrderPrecedence;
import org.apache.isis.applib.services.sudo.SudoService;
import org.apache.isis.security.api.authentication.AuthenticationSession;
import org.apache.isis.security.api.authorization.standard.Authorizor;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.context.annotation.Primary;
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Service;
/**
* Authorizes the user in the current session view and use members of an object.
@@ -42,7 +41,6 @@ import org.springframework.stereotype.Service;
@Order(OrderPrecedence.MIDPOINT)
@Primary
@Qualifier("Default")
-@Log4j2
public class AuthorizationManager {
private final Authorizor authorizor;
@@ -71,7 +69,7 @@ public class AuthorizationManager {
return true;
}
- if(session.streamRoles()
+ if(session.getRoles().stream()
.anyMatch(roleName->authorizor.isUsableInRole(roleName, identifier)) ) {
return true;
}
@@ -103,7 +101,7 @@ public class AuthorizationManager {
if (authorizor.isVisibleInAnyRole(identifier)) {
return true;
}
- if(session.streamRoles()
+ if(session.getRoles().stream()
.anyMatch(roleName->authorizor.isVisibleInRole(roleName, identifier)) ) {
return true;
}
diff --git a/core/viewers/restfulobjects/viewer/src/main/java/org/apache/isis/viewer/restfulobjects/viewer/resources/UserReprRenderer.java b/core/viewers/restfulobjects/viewer/src/main/java/org/apache/isis/viewer/restfulobjects/viewer/resources/UserReprRenderer.java
index e5189f9..6935fa6 100644
--- a/core/viewers/restfulobjects/viewer/src/main/java/org/apache/isis/viewer/restfulobjects/viewer/resources/UserReprRenderer.java
+++ b/core/viewers/restfulobjects/viewer/src/main/java/org/apache/isis/viewer/restfulobjects/viewer/resources/UserReprRenderer.java
@@ -38,7 +38,7 @@ public class UserReprRenderer extends ReprRendererAbstract<UserReprRenderer, Aut
representation.mapPut("userName", authenticationSession.getUserName());
final JsonRepresentation roles = JsonRepresentation.newArray();
- authenticationSession.streamRoles()
+ authenticationSession.getRoles().stream()
.forEach(roles::arrayAdd);
representation.mapPut("roles", roles);
diff --git a/core/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/AuthenticatedWebSessionForIsis.java b/core/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/AuthenticatedWebSessionForIsis.java
index 610fbd0..be11165 100644
--- a/core/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/AuthenticatedWebSessionForIsis.java
+++ b/core/viewers/wicket/viewer/src/main/java/org/apache/isis/viewer/wicket/viewer/integration/AuthenticatedWebSessionForIsis.java
@@ -195,7 +195,7 @@ implements BreadcrumbModelProvider, BookmarkedPagesModelProvider, IsisWebAppComm
}
final Roles roles = new Roles();
- getAuthenticationSession().streamRoles()
+ getAuthenticationSession().getRoles().stream()
.forEach(roles::add);
return roles;
}