Last modified by Thomas Mortagne on 2017/03/24

<
From version < 11.1 >
edited by Vincent Massol
on 2014/06/18
To version < 13.1 >
edited by Denis Gervalle
on 2014/06/18
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.VincentMassol
1 +XWiki.dgervalle
Content
... ... @@ -33,6 +33,38 @@
33 33  $services.logging.getLogger('My script').info('Hello {}', 'world')
34 34  {{/code}}
35 35  
36 +== New contextual authorization manager role ==
37 +
38 +A new role is now available to ease the replacement of the old Right Service (com.xpn.xwiki.user.api.XWikiRightService).
39 +Compared to the old service, the component does not manage authentication which should have been ensured previously if needed. (No redirection to login is ever done)
40 +The new component has a similar interface to the AuthorizationManager, but it take care of all external context aspects, like the currently executed macro block, the rendering context restrictions, the dropping of rights, etc...
41 +This new role should be used from now on by any component that needs to check rights for the current user, in the current context.
42 +
43 +== New security authorization script service ==
44 +
45 +A new script service is now available to access the default AuthorizationManager and the ContextualAuthorizationManager.
46 +
47 +Here is some sample:
48 +
49 +{{code language="velocity"}}
50 +#if ($services.security.authorization.hasAccess("edit"))
51 +... show some UI that require edit access on the current document by the current user ...
52 +#end
53 +#if ($services.security.authorization.hasAccess("edit", "xwiki:Sandbox.TestPage1")
54 +... show some UI that require edit access on Sandbox.TestPage1 document by the current user ...
55 +#end
56 +#if ($services.security.authorization.hasAccess("edit", "xwiki:XWiki.User1", "xwiki:Sandbox.TestPage1")
57 +... show some UI that require edit access on Sandbox.TestPage1 document by XWiki.User1 ...
58 +#end
59 +{{/code}}
60 +
61 +{{code language="velocity"}}
62 +$services.security.authorization.checkAccess("edit")
63 +... do some task that require edit access ...
64 +{{/code}}
65 +
66 +In this second sample, the macro will fail with an AccessDeniedException if the right is not allowed.
67 +
36 36  == Deprecated and Retired projects ==
37 37  
38 38  <description of deprecated and retired projects>

Get Connected