From dc49738ce6fb488e45ce1667ae28968c8fd5ab19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nils=20B=C3=BChner?= Date: Fri, 29 Apr 2016 15:27:42 +0200 Subject: [PATCH] Update release notes --- RELEASE-NOTES.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md index cbb69eccc..b107224b1 100644 --- a/RELEASE-NOTES.md +++ b/RELEASE-NOTES.md @@ -9,7 +9,8 @@ * The `saveOrUpdate` method of the services are now void. Existing projects that are using this method may need some simple adaptions like changes from `PersistentObject newObject = object.saveOrUpdate()` to `object.saveOrUpdate()` * The webapp-archetype has been extended to demonstrate how custom permission evaluators for project specific solutions can be used. * New features: - * An `AbstractSecuredPersistentObjectService` has been introduced. This service provides useful methods to add and remove permissions for certain objects. `PermissionCollection`s will be persisted in the database when using these methods. All services of entities that extend `SecuredPersistentObject` should extend the abstract service mentioned above. + * All `PersistentObject`s now have a set of user and group permissions, i.e. all entities can be protected if needed. In this context, the permission evaluators have been overworked. The database structure has changed here, which means that existing projects are affected by this change and would need a data migration if they can not boot in a vanilla state (with `hibernate.hbm2ddl.auto=create`). + * An `AbstractPermissionAwareCrudService` has been introduced. This service provides useful methods to add and remove permissions for certain objects. `PermissionCollection`s will be persisted in the database when using these methods. All services should extend the abstract service mentioned above. There is only one exception: The `PermissionCollectionService` does **NOT** extend this service as the `AbstractPermissionAwareCrudService` gets the `PermissionCollectionService` injected, which would not work when the `PermissionCollectionService` would try to inject itself. On top of that it does not make sense to secure `PermissionCollection`s with `PermissionCollection`s and so on... Existing projects (that were possibly created with an old version of the webapp archetype) need adaptions regarding the following points: * Adapt the ``pom.xml`` of your existing SHOGun2 project