You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by da...@apache.org on 2021/06/10 08:53:03 UTC
[isis] branch master updated (96d097a -> 7a9b864)
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git.
from 96d097a ISIS-2483: further improvements to secman docs.
new 0f080d0 ISIS-2483: adds built-in role that was not being setup automatically by SecMan
new a73fd26 ISIS-2483: fixes secman's persistence modules so that they bring in the dependency of secman-integration
new 7a9b864 ISIS-2483: adds docs on menubars for prototyping and secman
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../modules/fun/pages/ui/menubars-layout.adoc | 85 ++++++++++++++++++++++
.../adoc/modules/secman/pages/setting-up.adoc | 65 +++++++++++++++++
.../scripts/SeedUsersAndRolesFixtureScript.java | 16 ++--
extensions/security/secman/persistence-jdo/pom.xml | 2 +-
extensions/security/secman/persistence-jpa/pom.xml | 4 -
5 files changed, 160 insertions(+), 12 deletions(-)
[isis] 03/03: ISIS-2483: adds docs on menubars for prototyping and
secman
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 7a9b864f14eb6d0f4d47319d00e0b296a32ed026
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Thu Jun 10 09:52:46 2021 +0100
ISIS-2483: adds docs on menubars for prototyping and secman
---
.../modules/fun/pages/ui/menubars-layout.adoc | 85 ++++++++++++++++++++++
.../adoc/modules/secman/pages/setting-up.adoc | 65 +++++++++++++++++
2 files changed, 150 insertions(+)
diff --git a/antora/components/userguide/modules/fun/pages/ui/menubars-layout.adoc b/antora/components/userguide/modules/fun/pages/ui/menubars-layout.adoc
index 055bb4d..a164220 100644
--- a/antora/components/userguide/modules/fun/pages/ui/menubars-layout.adoc
+++ b/antora/components/userguide/modules/fun/pages/ui/menubars-layout.adoc
@@ -173,6 +173,91 @@ If running in prototype mode, the file will be dynamically reloaded from the cla
Once the application has bootstrapped with a layout file, downloading the "Default" layout (from the prototyping menu) in essence just returns this file.
+
+=== Prototyping menu
+
+The framework provides a large number of menu actions available in prototyping mode.
+You can use `menubars.layout.xml` to arrange these as you see fit, though our recommendation is to place them all in a "Prototyping" secondary menu:
+
+[source,xml]
+.menubars.layout.xml
+----
+<mb3:secondary>
+ <mb3:menu>
+ <mb3:named>Prototyping</mb3:named>
+ <mb3:section>
+ <mb3:named>Fixtures</mb3:named>
+ <mb3:serviceAction objectType="isis.testing.fixtures.FixtureScripts" id="runFixtureScript"/>
+ <mb3:serviceAction objectType="isis.testing.fixtures.FixtureScripts" id="recreateObjectsAndReturnFirst"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Layouts</mb3:named>
+ <mb3:serviceAction objectType="isis.applib.LayoutServiceMenu" id="downloadLayouts"/>
+ <mb3:serviceAction objectType="isis.applib.LayoutServiceMenu" id="downloadMenuBarsLayout"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Meta Model and Features</mb3:named>
+ <mb3:serviceAction objectType="isis.applib.MetaModelServiceMenu" id="downloadMetaModelXml"/>
+ <mb3:serviceAction objectType="isis.applib.MetaModelServiceMenu" id="downloadMetaModelCsv"/>
+ <mb3:serviceAction objectType="isis.feat.ApplicationFeatureMenu" id="allNamespaces"/>
+ <mb3:serviceAction objectType="isis.feat.ApplicationFeatureMenu" id="allTypes"/>
+ <mb3:serviceAction objectType="isis.feat.ApplicationFeatureMenu" id="allActions"/>
+ <mb3:serviceAction objectType="isis.feat.ApplicationFeatureMenu" id="allProperties"/>
+ <mb3:serviceAction objectType="isis.feat.ApplicationFeatureMenu" id="allCollections"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Persistence</mb3:named>
+ <mb3:serviceAction objectType="isis.persistence.jdo.JdoMetamodelMenu" id="downloadMetamodels"/>
+ <mb3:serviceAction objectType="isis.ext.h2Console.H2ManagerMenu" id="openH2Console"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>REST API</mb3:named>
+ <mb3:serviceAction objectType="isis.viewer.restfulobjects.SwaggerServiceMenu" id="openSwaggerUi"/>
+ <mb3:serviceAction objectType="isis.viewer.restfulobjects.SwaggerServiceMenu" id="openRestApi"/>
+ <mb3:serviceAction objectType="isis.viewer.restfulobjects.SwaggerServiceMenu" id="downloadSwaggerSchemaDefinition"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>i18n</mb3:named>
+ <mb3:serviceAction objectType="isis.applib.TranslationServicePoMenu" id="downloadTranslations"/>
+ <mb3:serviceAction objectType="isis.applib.TranslationServicePoMenu" id="resetTranslationCache"/>
+ <mb3:serviceAction objectType="isis.applib.TranslationServicePoMenu" id="switchToReadingTranslations"/>
+ <mb3:serviceAction objectType="isis.applib.TranslationServicePoMenu" id="switchToWritingTranslations"/>
+ </mb3:section>
+ </mb3:menu>
+</mb3:secondary>
+----
+
+
+=== Tertiary menu
+
+The framework also provides a number of menu actions available in production (as oppposed to prototyping) mode.
+You can use `menubars.layout.xml` to arrange these as you see fit, though our recommendation is to place them in the tertiary menu:
+
+[source,xml]
+.menubars.layout.xml
+----
+<mb3:tertiary>
+ <mb3:menu>
+ <mb3:named/>
+ <mb3:section>
+ <mb3:named>Configuration</mb3:named>
+ <mb3:serviceAction objectType="isis.conf.ConfigurationMenu" id="configuration"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Impersonate</mb3:named>
+ <mb3:serviceAction objectType="isis.sudo.ImpersonateMenu" id="impersonate"/>
+ <mb3:serviceAction objectType="isis.sudo.ImpersonateMenu" id="impersonateWithRoles"/>
+ <mb3:serviceAction objectType="isis.sudo.ImpersonateMenu" id="stopImpersonating"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:serviceAction objectType="isis.security.LogoutMenu" id="logout"/>
+ </mb3:section>
+ </mb3:menu>
+</mb3:tertiary>
+----
+
+
+
=== Downloading the layout file
The current `menubars.layout.xml` can be downloaded from the xref:refguide:applib:index/services/menu/MenuBarsService.adoc[MenuBarsService] (exposed on the prototyping menu):
diff --git a/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc b/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
index 70da767..2c3d762 100644
--- a/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
+++ b/extensions/security/secman/adoc/modules/secman/pages/setting-up.adoc
@@ -81,6 +81,13 @@ public class AppManifest {
<.> use Jbcrypt to encrypt passwords
<.> fixture script support
+In addition, you will probably want to *remove* the `IsisModuleSecurityShiro.class` dependency so that SecMan can take care of both authentication _and_ authorisation.
+
+[NOTE]
+====
+It also possible to use SecMan in conjunction with Shiro, as described xref:setting-up-with-shiro.adoc[here].
+The primary use case is to support delegated users that Shiro authenticates externally using LDAP, for example.
+====
[#configure-properties]
== Configuration Properties
@@ -132,6 +139,64 @@ These can be removed (through the UI).
+
This is discussed in more detail <<user-registration-aka-sign-up,below>>.
+
+== menubar.layout.xml
+
+SecMan provides a large number of menu actions.
+You can use `menubars.layout.xml` to arrange these as you see fit.
+To get you started, the following fragment adds all of the actions to a "Security" secondary menu:
+
+[source,xml]
+.menubars.layout.xml
+----
+<mb3:secondary>
+ ...
+ <mb3:menu>
+ <mb3:named>Security</mb3:named>
+ <mb3:section>
+ <mb3:named>Users</mb3:named>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationUserMenu" id="userManager"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationUserMenu" id="findUsers"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Roles</mb3:named>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationRoleMenu" id="findRoles"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationRoleMenu" id="newRole"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationRoleMenu" id="allRoles"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Permissions</mb3:named>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationPermissionMenu" id="allPermissions"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationPermissionMenu" id="findOrphanedPermissions"/>
+ </mb3:section>
+ <mb3:section>
+ <mb3:named>Tenancies</mb3:named>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationTenancyMenu" id="findTenancies"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationTenancyMenu" id="newTenancy"/>
+ <mb3:serviceAction objectType="isis.ext.secman.ApplicationTenancyMenu" id="allTenancies"/>
+ </mb3:section>
+ </mb3:menu>
+</mb3:secondary>
+----
+
+We also recommend adding the non-production "me" action to the tertiary menu, eg just above the "logout" action:
+
+[source,xml]
+.menubars.layout.xml
+----
+<mb3:tertiary>
+ <mb3:menu>
+ ...
+ <mb3:section>
+ <mb3:serviceAction objectType="isis.ext.secman.MeService" id="me"/>
+ <mb3:serviceAction objectType="isis.security.LogoutMenu" id="logout"/>
+ </mb3:section>
+ </mb3:menu>
+</mb3:tertiary>
+----
+
+
+
[#default-roles]
== Default Roles
[isis] 01/03: ISIS-2483: adds built-in role that was not being
setup automatically by SecMan
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 0f080d037679c2f0f987902618c8b185ac9b8e9e
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Thu Jun 10 09:48:31 2021 +0100
ISIS-2483: adds built-in role that was not being setup automatically by SecMan
---
.../seed/scripts/SeedUsersAndRolesFixtureScript.java | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
index acc19b1..e6b96df 100644
--- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
+++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
@@ -21,16 +21,17 @@ package org.apache.isis.extensions.secman.applib.seed.scripts;
import javax.inject.Inject;
import org.apache.isis.extensions.secman.applib.SecmanConfiguration;
-import org.apache.isis.extensions.secman.applib.seed.SeedSecurityModuleService;
+import org.apache.isis.extensions.secman.applib.role.seed.IsisAppFeatureRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.role.seed.IsisConfigurationRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.role.seed.IsisExtH2ConsoleRoleAndPermissions;
+import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanAdminRoleAndPermissions;
+import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanRegularUserRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.role.seed.IsisPersistenceJdoMetaModelRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.role.seed.IsisSudoImpersonateRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.role.seed.IsisViewerRestfulObjectsSwaggerRoleAndPermissions;
+import org.apache.isis.extensions.secman.applib.seed.SeedSecurityModuleService;
import org.apache.isis.extensions.secman.applib.tenancy.seed.GlobalTenancy;
-import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanAdminRoleAndPermissions;
import org.apache.isis.extensions.secman.applib.user.seed.IsisExtSecmanAdminUser;
-import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanRegularUserRoleAndPermissions;
import org.apache.isis.testing.fixtures.applib.fixturescripts.FixtureScript;
/**
@@ -63,11 +64,12 @@ public class SeedUsersAndRolesFixtureScript extends FixtureScript {
// other modules
executionContext.executeChildren(this,
- new IsisConfigurationRoleAndPermissions(),
- new IsisSudoImpersonateRoleAndPermissions(),
- new IsisViewerRestfulObjectsSwaggerRoleAndPermissions(),
+ new IsisAppFeatureRoleAndPermissions(),
new IsisPersistenceJdoMetaModelRoleAndPermissions(),
- new IsisExtH2ConsoleRoleAndPermissions()
+ new IsisExtH2ConsoleRoleAndPermissions(),
+ new IsisViewerRestfulObjectsSwaggerRoleAndPermissions(),
+ new IsisSudoImpersonateRoleAndPermissions(),
+ new IsisConfigurationRoleAndPermissions()
);
}
[isis] 02/03: ISIS-2483: fixes secman's persistence modules so that
they bring in the dependency of secman-integration
Posted by da...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
commit a73fd263442c488dfd55610af202b4c21d9813a8
Author: danhaywood <da...@haywood-associates.co.uk>
AuthorDate: Thu Jun 10 09:52:26 2021 +0100
ISIS-2483: fixes secman's persistence modules so that they bring in the dependency of secman-integration
---
extensions/security/secman/persistence-jdo/pom.xml | 2 +-
extensions/security/secman/persistence-jpa/pom.xml | 4 ----
2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/extensions/security/secman/persistence-jdo/pom.xml b/extensions/security/secman/persistence-jdo/pom.xml
index 8d4aaab..ae9e463 100644
--- a/extensions/security/secman/persistence-jdo/pom.xml
+++ b/extensions/security/secman/persistence-jdo/pom.xml
@@ -42,7 +42,7 @@
<dependency>
<groupId>org.apache.isis.extensions</groupId>
- <artifactId>isis-extensions-secman-applib</artifactId>
+ <artifactId>isis-extensions-secman-integration</artifactId>
</dependency>
<dependency>
diff --git a/extensions/security/secman/persistence-jpa/pom.xml b/extensions/security/secman/persistence-jpa/pom.xml
index 7b1f3366..d304cd3 100644
--- a/extensions/security/secman/persistence-jpa/pom.xml
+++ b/extensions/security/secman/persistence-jpa/pom.xml
@@ -42,10 +42,6 @@
<dependency>
<groupId>org.apache.isis.extensions</groupId>
- <artifactId>isis-extensions-secman-applib</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.isis.extensions</groupId>
<artifactId>isis-extensions-secman-integration</artifactId>
</dependency>