Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. dgervalle1 +XWiki.VincentMassol - Content
-
... ... @@ -33,38 +33,6 @@ 33 33 $services.logging.getLogger('My script').info('Hello {}', 'world') 34 34 {{/code}} 35 35 36 -== New contextual authorization manager role == 37 - 38 -A new role is now available to ease the replacement of the old Right Service (com.xpn.xwiki.user.api.XWikiRightService). 39 -Compared to the old service, the component does not manage authentication which should have been ensured previously if needed. (No redirection to login is ever done) 40 -The new component has a similar interface to the AuthorizationManager, but it take care of all external context aspects, like the currently executed macro block, the rendering context restrictions, the dropping of rights, etc... 41 -This new role should be used from now on by any component that needs to check rights for the current user, in the current context. 42 - 43 -== New security authorization script service == 44 - 45 -A new script service is now available to access the default AuthorizationManager and the ContextualAuthorizationManager. 46 - 47 -Here is some sample: 48 - 49 -{{code language="velocity"}} 50 -#if ($services.security.authorization.hasAccess("edit")) 51 -... show some UI that require edit access on the current document by the current user ... 52 -#end 53 -#if ($services.security.authorization.hasAccess("edit", "xwiki:Sandbox.TestPage1") 54 -... show some UI that require edit access on Sandbox.TestPage1 document by the current user ... 55 -#end 56 -#if ($services.security.authorization.hasAccess("edit", "xwiki:XWiki.User1", "xwiki:Sandbox.TestPage1") 57 -... show some UI that require edit access on Sandbox.TestPage1 document by XWiki.User1 ... 58 -#end 59 -{{/code}} 60 - 61 -{{code language="velocity"}} 62 -$services.security.authorization.checkAccess("edit") 63 -... do some task that require edit access ... 64 -{{/code}} 65 - 66 -In this second sample, the macro will fail with an AccessDeniedException if the right is not allowed. 67 - 68 68 == Deprecated and Retired projects == 69 69 70 70 <description of deprecated and retired projects>