OACC Framework v2.0.0-rc.2 Release Notes

Release Date: 2015-03-24 // over 6 years ago
  • ๐Ÿš€ Release date: 2015-03-23

    ๐Ÿš€ Summary of changes in this release:

    • replaces the checked AccessControlException with hierarchy of unchecked exceptions
    • enhances permission verification API with boolean has-permission methods and updates all verification methods to accept multiple permissions, as well as to consistently provide overloaded versions with optional accessorResource and/or domainName arguments
    • ๐Ÿ“‡ renames getResourcesByResourcePermissions() to getResourcesByResourcePermissionsAndDomain() when it takes a domainName argument
    • โšก๏ธ updates method signatures to always place domainName parameter directly after resourceClassName parameter, where applicable
    • โšก๏ธ updates resource getters (getResourcesByResourcePermissions and getAccessorResourcesByResourcePermissions) to accept multiple permissions
    • โž• adds resource class and domain as arguments to AuthenticationProvider.validateCredentials() for more context
    • โž• adds parameter validation to API methods to assert that accessor resource arguments reference an existing resource
    • โ™ป๏ธ refactors parameter validation in API methods to be slightly more consistent by validating in the order of the method signature
    • ๐Ÿ›  fixes several bugs, as described in more detail below
    • โšก๏ธ updates test suite for the aforementioned API changes
    • โšก๏ธ updates Javadoc comments with the aforementioned API changes

    Summary of API changes:

    • ๐Ÿ‘ป Exception handling
      • replaces the checked AccessControlException with more nuanced hierarchy of unchecked exceptions (including more structured and consistent exception messages)
    • Permission verification
      • changes the assert methods based on a redesign that makes them consistent with the effective permission getters: now assert methods for each type of permission are overloaded with optional accessor resource and/or domain name arguments
      • introduces new kind of permission verification method: the has-permission method, which returns a boolean instead of throwing an exception; there is a has-permission method as an alternative for each of the assert methods
      • updates the assert and has-permission methods to accept permissions as (one or more) varargs, instead of a just single permission
    • Method signatures
      • updates method signatures to always place domainName parameter directly after resourceClassName parameter, where applicable
      • updates resource getters (getResourcesByResourcePermissions and getAccessorResourcesByResourcePermissions) to accept permissions as (one or more) varargs, instead of just a single permission
      • renames the getResourcesByResourcePermissions-methods with a domain name argument to getResourcesByResourcePermissionsAndDomain, to distinguish them from the getResourcesByResourcePermissions-methods without a domain name argument, which return results across all domains
      • adds resource class and domain as arguments to AuthenticationProvider.validateCredentials() for more context
    • Parameter validation
      • adds parameter validation to API methods to assert that accessor resource arguments reference an existing resource
      • refactors method parameter validation to be slightly more consistent by validating in the order of the method signature

    ๐Ÿ› Bug fixes:

    • ๐Ÿ›  fixes internal permission validation method to ensure RESET_CREDENTIALS and IMPERSONATE are only valid for authenticatable resource classes
    • ๐Ÿ›  fixes setResourcePermissions() to prevent an INHERIT cycle from a resource to itself
    • ๐Ÿ›  fixes createResource() to now assert session is authenticated when called without domain name arguments (because it will implicitly use the session resource domain in those cases)
    • ๐Ÿ›  fixes internal has-permission helper methods to remove redundant check for global permissions after checking effective permissions

    ๐Ÿš€ Corresponding oacc-db release:
    ๐Ÿš€ The version of the oacc-db database configuration scripts to be used with this release can be found here.