Changes for page Release Notes for XWiki 6.1 RC 1
Last modified by Thomas Mortagne on 2017/03/24
From version 9.1
edited by Thomas Mortagne
on 2014/06/17
on 2014/06/17
Change comment:
There is no comment for this version
To version 12.1
edited by Denis Gervalle
on 2014/06/18
on 2014/06/18
Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. ThomasMortagne1 +XWiki.dgervalle - Content
-
... ... @@ -33,6 +33,39 @@ 33 33 $services.logging.getLogger('My script').info('Hello {}', 'world') 34 34 {{/code}} 35 35 36 +== New contextual authorization manager role == 37 + 38 +A new role is now available to ease the replacement of the old Right Service (com.xpn.xwiki.user.api.XWikiRightService). 39 +Compared to the old service, the component does not manage authentication which should have been ensured previously if needed. (No redirection to login is ever done) 40 +The new component has a similar interface to the AuthorizationManager, but it take care of all external context aspects, like the currently executed macro block, the rendering context restrictions, the dropping of rights, etc... 41 +This new role should be used from now on by any component that needs to check rights for the current user, in the current context. 42 + 43 +== New security authorization script service == 44 + 45 +A new script service is now available to access the default AuthorizationManager and the ContextualAuthorizationManager. 46 + 47 +Here is some sample: 48 + 49 +{{code language="velocity"}} 50 +#if ($services.security.authorization.hasAccess("edit")) 51 +... show some UI that require edit access on the current document by the current user ... 52 +#end 53 +#if ($services.security.authorization.hasAccess("edit", "xwiki:Sandbox.TestPage1") 54 +... show some UI that require edit access on Sandbox.TestPage1 document by the current user ... 55 +#end 56 +#if ($services.security.authorization.hasAccess("edit", "xwiki:XWiki.User1", "xwiki:Sandbox.TestPage1") 57 +... show some UI that require edit access on Sandbox.TestPage1 document by XWiki.User1 ... 58 +#end 59 +{{/code}} 60 + 61 +{{code language="velocity"}} 62 +$services.security.authorization.checkAccess("edit") 63 +... do some task that require edit access ... 64 +#end 65 +{{/code}} 66 + 67 +In this second sample, the macro will fail with an AccessDeniedException if the right is not allowed. 68 + 36 36 == Deprecated and Retired projects == 37 37 38 38 <description of deprecated and retired projects> ... ... @@ -45,12 +45,19 @@ 45 45 * [[httpclient 4.3.4>>http://jira.xwiki.org/browse/XCOMMONS-606]] 46 46 * [[commons-beanutils 1.9.2>>http://jira.xwiki.org/browse/XCOMMONS-607]] 47 47 * [[reflections 0.9.9-RC2>>http://jira.xwiki.org/browse/XCOMMONS-608]] 48 -* [[ XCOMMONS-609>>http://jira.xwiki.org/browse/slf4j 1.7.7]]81 +* [[slf4j 1.7.7>>http://jira.xwiki.org/browse/XCOMMONS-609]] 49 49 50 50 == Miscellaneous == 51 51 52 -<other dev stuff to add and link to JIRA for all issues fixed> 85 +* The [[Mail Sender API>>extensions:Extension.Mail Sender API]] now allows creating ##MimeMessageFactory## to generate pre-filled MimeMessage. Example of usage:((( 86 +{{code language="none"}} 87 +#set ($message = $services.mailsender.createMessage("template", documentReference, to)) 88 +#set ($message = $services.mailsender.createMessage("template", documentReference, from, to)) 89 +{{/code}} 53 53 91 +This will generated a MimeMessage with the subject pre-filled. The value will be that of the ##subject## xproperty from an ##XWiki.Mail## xobject in the Document pointed to by the passed ##documentReference##. 92 +))) 93 + 54 54 = Translations = 55 55 56 56 The following translations have been updated:
