This is an automated email from the ASF dual-hosted git repository.
danhaywood pushed a commit to tag saveit
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 01169a4a3385ae5c5b292778e4f0971c165a5fbd
Author: Dan Haywood <d...@haywood-associates.co.uk>
AuthorDate: Mon Aug 29 10:08:55 2022 +0100
ISIS-3187: adds missing roles/permissions, grants to secman-admin
---
...va => IsisExtAuditTrailRoleAndPermissions.java} | 8 ++---
...va => IsisExtCommandLogRoleAndPermissions.java} | 10 +++---
... => IsisExtExecutionLogRoleAndPermissions.java} | 8 ++---
... IsisExtExecutionOutboxRoleAndPermissions.java} | 8 ++---
.../seed/IsisExtSecmanAdminRoleAndPermissions.java | 6 ++--
...va => IsisExtSessionLogRoleAndPermissions.java} | 8 ++---
.../scripts/SeedUsersAndRolesFixtureScript.java | 41 ++++++++++++++++------
.../applib/user/seed/IsisExtSecmanAdminUser.java | 13 +++++--
8 files changed, 66 insertions(+), 36 deletions(-)
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtAuditTrailRoleAndPermissions.java
similarity index 84%
copy from
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
copy to
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtAuditTrailRoleAndPermissions.java
index 8c02b4d621..13d14c7af4 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtAuditTrailRoleAndPermissions.java
@@ -29,14 +29,14 @@ import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer
*
* @since 2.0 {@index}
*/
-public class IsisExtCommandReplayPrimaryRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
+public class IsisExtAuditTrailRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
- public static final String NAMESPACE = "isis.ext.commandReplayPrimary";
+ public static final String NAMESPACE = "isis.ext.auditTrail";
public static final String ROLE_NAME = NAMESPACE.replace(".","-");
- public IsisExtCommandReplayPrimaryRoleAndPermissions() {
- super(ROLE_NAME, "Access to the command replay primary menu");
+ public IsisExtAuditTrailRoleAndPermissions() {
+ super(ROLE_NAME, "Access to the audit trail actions");
}
@Override
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplaySecondaryRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandLogRoleAndPermissions.java
similarity index 82%
rename from
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplaySecondaryRoleAndPermissions.java
rename to
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandLogRoleAndPermissions.java
index 47a4d3853c..4df2281466 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplaySecondaryRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandLogRoleAndPermissions.java
@@ -25,18 +25,18 @@ import
org.apache.isis.extensions.secman.applib.permission.dom.ApplicationPermis
import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPermissionsFixtureScript;
/**
- * Access to the command replay secondary menu.
+ * Access to the command replay primary menu.
*
* @since 2.0 {@index}
*/
-public class IsisExtCommandReplaySecondaryRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
+public class IsisExtCommandLogRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
- public static final String NAMESPACE = "isis.ext.commandReplaySecondary";
+ public static final String NAMESPACE = "isis.ext.commandLog";
public static final String ROLE_NAME = NAMESPACE.replace(".","-");
- public IsisExtCommandReplaySecondaryRoleAndPermissions() {
- super(ROLE_NAME, "Access to the command replay secondary menu");
+ public IsisExtCommandLogRoleAndPermissions() {
+ super(ROLE_NAME, "Access to the command log actions");
}
@Override
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionLogRoleAndPermissions.java
similarity index 84%
copy from
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
copy to
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionLogRoleAndPermissions.java
index 8c02b4d621..511100187f 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionLogRoleAndPermissions.java
@@ -29,14 +29,14 @@ import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer
*
* @since 2.0 {@index}
*/
-public class IsisExtCommandReplayPrimaryRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
+public class IsisExtExecutionLogRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
- public static final String NAMESPACE = "isis.ext.commandReplayPrimary";
+ public static final String NAMESPACE = "isis.ext.executionLog";
public static final String ROLE_NAME = NAMESPACE.replace(".","-");
- public IsisExtCommandReplayPrimaryRoleAndPermissions() {
- super(ROLE_NAME, "Access to the command replay primary menu");
+ public IsisExtExecutionLogRoleAndPermissions() {
+ super(ROLE_NAME, "Access to the execution log actions");
}
@Override
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionOutboxRoleAndPermissions.java
similarity index 84%
copy from
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
copy to
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionOutboxRoleAndPermissions.java
index 8c02b4d621..8fd179d4ea 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtExecutionOutboxRoleAndPermissions.java
@@ -29,14 +29,14 @@ import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer
*
* @since 2.0 {@index}
*/
-public class IsisExtCommandReplayPrimaryRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
+public class IsisExtExecutionOutboxRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
- public static final String NAMESPACE = "isis.ext.commandReplayPrimary";
+ public static final String NAMESPACE = "isis.ext.executionOutbox";
public static final String ROLE_NAME = NAMESPACE.replace(".","-");
- public IsisExtCommandReplayPrimaryRoleAndPermissions() {
- super(ROLE_NAME, "Access to the command replay primary menu");
+ public IsisExtExecutionOutboxRoleAndPermissions() {
+ super(ROLE_NAME, "Access to the execution outbox actions");
}
@Override
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanAdminRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanAdminRoleAndPermissions.java
index 9dbcbe7e8f..f20995b9e8 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanAdminRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanAdminRoleAndPermissions.java
@@ -29,6 +29,7 @@ import org.apache.isis.commons.internal.base._NullSafe;
import org.apache.isis.core.config.IsisConfiguration.Extensions.Secman;
import
org.apache.isis.core.config.IsisConfiguration.Extensions.Secman.Seed.Admin;
import
org.apache.isis.core.config.IsisConfiguration.Extensions.Secman.Seed.Admin.NamespacePermissions;
+import org.apache.isis.extensions.secman.applib.IsisModuleExtSecmanApplib;
import
org.apache.isis.extensions.secman.applib.permission.dom.ApplicationPermissionMode;
import
org.apache.isis.extensions.secman.applib.permission.dom.ApplicationPermissionRule;
import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPermissionsFixtureScript;
@@ -60,8 +61,9 @@ public class IsisExtSecmanAdminRoleAndPermissions extends
AbstractRoleAndPermiss
newPermissions(
ApplicationPermissionRule.ALLOW,
ApplicationPermissionMode.CHANGING,
- Can.ofCollection(adminInitialPackagePermissions)
- .map(ApplicationFeatureId::newNamespace));
+
Can.of(IsisModuleExtSecmanApplib.NAMESPACE).addAll(Can.ofCollection(adminInitialPackagePermissions))
+ .map(ApplicationFeatureId::newNamespace)
+ );
}
// -- HELPER
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSessionLogRoleAndPermissions.java
similarity index 84%
rename from
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
rename to
extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSessionLogRoleAndPermissions.java
index 8c02b4d621..40398ee5a6 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtCommandReplayPrimaryRoleAndPermissions.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSessionLogRoleAndPermissions.java
@@ -29,14 +29,14 @@ import
org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer
*
* @since 2.0 {@index}
*/
-public class IsisExtCommandReplayPrimaryRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
+public class IsisExtSessionLogRoleAndPermissions extends
AbstractRoleAndPermissionsFixtureScript {
- public static final String NAMESPACE = "isis.ext.commandReplayPrimary";
+ public static final String NAMESPACE = "isis.ext.sessionLog";
public static final String ROLE_NAME = NAMESPACE.replace(".","-");
- public IsisExtCommandReplayPrimaryRoleAndPermissions() {
- super(ROLE_NAME, "Access to the command replay primary menu");
+ public IsisExtSessionLogRoleAndPermissions() {
+ super(ROLE_NAME, "Access to the session log actions");
}
@Override
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
index 6393a20273..f3f76803cd 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java
@@ -23,11 +23,14 @@ import javax.inject.Inject;
import org.apache.isis.core.config.IsisConfiguration;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisAppFeatureRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisConfigurationRoleAndPermissions;
-import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtCommandReplayPrimaryRoleAndPermissions;
-import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtCommandReplaySecondaryRoleAndPermissions;
+import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtAuditTrailRoleAndPermissions;
+import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtCommandLogRoleAndPermissions;
+import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtExecutionLogRoleAndPermissions;
+import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtExecutionOutboxRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtH2ConsoleRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanAdminRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanRegularUserRoleAndPermissions;
+import
org.apache.isis.extensions.secman.applib.role.seed.IsisExtSessionLogRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisPersistenceJdoMetaModelRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisSudoImpersonateRoleAndPermissions;
import
org.apache.isis.extensions.secman.applib.role.seed.IsisViewerRestfulObjectsSwaggerRoleAndPermissions;
@@ -62,23 +65,39 @@ public class SeedUsersAndRolesFixtureScript extends
FixtureScript {
// global tenancy
executionContext.executeChild(this, new GlobalTenancy());
- // secman (admin and regular users)
- executionContext.executeChildren(this,
- new IsisExtSecmanAdminRoleAndPermissions(secmanConfig),
- new IsisExtSecmanAdminUser(secmanConfig),
- new IsisExtSecmanRegularUserRoleAndPermissions(secmanConfig));
-
- // other modules
+ // modules
executionContext.executeChildren(this,
new IsisAppFeatureRoleAndPermissions(),
new IsisPersistenceJdoMetaModelRoleAndPermissions(),
- new IsisExtCommandReplayPrimaryRoleAndPermissions(),
- new IsisExtCommandReplaySecondaryRoleAndPermissions(),
+ new IsisExtAuditTrailRoleAndPermissions(),
+ new IsisExtCommandLogRoleAndPermissions(),
+ new IsisExtExecutionLogRoleAndPermissions(),
+ new IsisExtExecutionOutboxRoleAndPermissions(),
+ new IsisExtSessionLogRoleAndPermissions(),
new IsisExtH2ConsoleRoleAndPermissions(),
new IsisViewerRestfulObjectsSwaggerRoleAndPermissions(),
new IsisSudoImpersonateRoleAndPermissions(),
new IsisConfigurationRoleAndPermissions()
);
+
+ // secman module (admin and regular users role, and secman-admin
superuser)
+ executionContext.executeChildren(this,
+ new IsisExtSecmanAdminRoleAndPermissions(secmanConfig),
+ new IsisExtSecmanRegularUserRoleAndPermissions(secmanConfig),
+ new IsisExtSecmanAdminUser(secmanConfig,
+ IsisAppFeatureRoleAndPermissions.ROLE_NAME,
+
IsisPersistenceJdoMetaModelRoleAndPermissions.ROLE_NAME,
+ IsisExtAuditTrailRoleAndPermissions.ROLE_NAME,
+ IsisExtCommandLogRoleAndPermissions.ROLE_NAME,
+ IsisExtExecutionLogRoleAndPermissions.ROLE_NAME,
+ IsisExtExecutionOutboxRoleAndPermissions.ROLE_NAME,
+ IsisExtSessionLogRoleAndPermissions.ROLE_NAME,
+ IsisExtH2ConsoleRoleAndPermissions.ROLE_NAME,
+
IsisViewerRestfulObjectsSwaggerRoleAndPermissions.ROLE_NAME,
+ IsisSudoImpersonateRoleAndPermissions.ROLE_NAME,
+ IsisConfigurationRoleAndPermissions.ROLE_NAME)
+ );
+
}
}
diff --git
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/user/seed/IsisExtSecmanAdminUser.java
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/user/seed/IsisExtSecmanAdminUser.java
index a3bc8e40c1..92d2c39b40 100644
---
a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/user/seed/IsisExtSecmanAdminUser.java
+++
b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/user/seed/IsisExtSecmanAdminUser.java
@@ -18,6 +18,8 @@
*/
package org.apache.isis.extensions.secman.applib.user.seed;
+import java.util.Collection;
+
import org.apache.isis.commons.collections.Can;
import org.apache.isis.core.config.IsisConfiguration.Extensions.Secman;
import org.apache.isis.extensions.secman.applib.tenancy.seed.GlobalTenancy;
@@ -30,13 +32,20 @@ import
org.apache.isis.extensions.secman.applib.user.fixtures.AbstractUserAndRol
*/
public class IsisExtSecmanAdminUser extends AbstractUserAndRolesFixtureScript {
- public IsisExtSecmanAdminUser(final Secman config) {
+ public IsisExtSecmanAdminUser(final Secman config, String... roleNames) {
super(
config.getSeed().getAdmin().getUserName(),
config.getSeed().getAdmin().getPassword(),
null,
GlobalTenancy.TENANCY_PATH,
AccountType.LOCAL,
- Can.of(config.getSeed().getAdmin().getRoleName()));
+ Can.of(
+ config.getSeed().getAdmin().getRoleName(),
+ config.getSeed().getRegularUser().getRoleName()
+ ).addAll(
+ Can.of(roleNames)
+ )
+ );
}
+
}
