[ https://issues.apache.org/jira/browse/ISIS-3303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17646430#comment-17646430 ]
ASF subversion and git services commented on ISIS-3303: ------------------------------------------------------- Commit ca9f44fae90d66f6d8dfac6574815e2730f4405c in isis's branch refs/heads/dependabot/maven/master/spring-boot.version-3.0.0 from Dan Haywood [ https://gitbox.apache.org/repos/asf?p=isis.git;h=ca9f44fae9 ] ISIS-3303: fixes (?) 'Invalid automatic module name' error for regressiontests-cmdexecauditsess-persistence-{jpa|jdo} (2) > Redefine UserMemento#isSystemUser to instead take into account > SudoService#accessAll role > ----------------------------------------------------------------------------------------- > > Key: ISIS-3303 > URL: https://issues.apache.org/jira/browse/ISIS-3303 > Project: Isis > Issue Type: Improvement > Components: Isis Extensions SecMan > Affects Versions: 2.0.0-M9 > Reporter: Daniel Keir Haywood > Assignee: Daniel Keir Haywood > Priority: Minor > Fix For: 2.0.0-RC1 > > > We currently have two very similar notions that are meant to disable > permission checking (typically for integration tests), > `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role, > as set up by the `NoPermissionsCheck` junit 5 extension. > However, the `TenantedAuthorizationFacetDefault` is only aware of the former > of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because > the UserMemento#isSystem is an equality check, the two mechanisms are > incompatible. > Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API. > Therefore, the purpose of this improvement is to combine these two notions, > and refactor names from (real) "system user" (aka root) to (effective) user > (aka sudo). -- This message was sent by Atlassian Jira (v8.20.10#820010)