[
https://issues.apache.org/jira/browse/ISIS-3303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17647752#comment-17647752
]
ASF subversion and git services commented on ISIS-3303:
-------------------------------------------------------
Commit fb8d558496088726299a84b03836d5d0b3b0cb54 in isis's branch
refs/heads/ISIS-3255 from Dan Haywood
[ https://gitbox.apache.org/repos/asf?p=isis.git;h=fb8d558496 ]
ISIS-3303: fixes (?) 'Invalid automatic module name' error for
regressiontests-cmdexecauditsess-persistence-{jpa|jdo}
> Redefine UserMemento#isSystemUser to instead take into account
> SudoService#accessAll role
> -----------------------------------------------------------------------------------------
>
> Key: ISIS-3303
> URL: https://issues.apache.org/jira/browse/ISIS-3303
> Project: Isis
> Issue Type: Improvement
> Components: Isis Extensions SecMan
> Affects Versions: 2.0.0-M9
> Reporter: Daniel Keir Haywood
> Assignee: Daniel Keir Haywood
> Priority: Minor
> Fix For: 2.0.0-RC1
>
>
> We currently have two very similar notions that are meant to disable
> permission checking (typically for integration tests),
> `UserMemento#isSystemUser`, and separately the `SudoService#ACCESS_ALL` role,
> as set up by the `NoPermissionsCheck` junit 5 extension.
> However, the `TenantedAuthorizationFacetDefault` is only aware of the former
> of these, via `UserService#isCurrentUserWithSystemPrivileges`, and because
> the UserMemento#isSystem is an equality check, the two mechanisms are
> incompatible.
> Luckily, `TenantedAuthorizationFacetDefault` is the only usage of this API.
> Therefore, the purpose of this improvement is to combine these two notions,
> and refactor names from (real) "system user" (aka root) to (effective) user
> (aka sudo).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
