#28931 Import/update role profiles at application startup

enhancement

critical

#25918

Graph-Binding 2.0

major

#25529

Weak model constraints

#27483

TLScript: Mathematical functions

#28083

Core theme: Better display/UX of TL script context help

#28336

Dynamic confirm messages

#28604

General display of the change history with undo option

#28648

TL-Script: Unzip

#28727

Tree-table selection logic

#28765

Image Upload Control

#28892

TL-Script: flatMap()-Function

#28893

TL-Script: indexBy() with value transformation

#28897

Instance export: export context for optional import

#28899

Tile views: Mixed views of object tiles with standard tiles

#28900

TL-Script: transpose()-function

#28901

TL-Script: count() with one argument

#28902

TL script: remove()

#28903

TL-Script: split() with limit

#28920

Layout editor: Pluggable generic commands

#28924

TL script: toJson()

#28927

TL-Script: excelFile()

#28931

Import/update role profiles at application startup

#28934

TL-Script: pdfFile()

#28947

Composition attributes: Create from copy

#28949

TL-Script: CSS class calculation for whole lines

minor

#27849

Property of type "Color" cannot be assigned a color value in TL-Script

#28305

Better default file names for generic Excel exports

#28633

XML import: Handler to add a translation to a property of type "Internationalized string"

#28643

TL-Script: Parse Base64 in Data-URL Format

#28652

XML import: Transient import with post-processing action

#28729

Layout editor: Show button line in every layout

#28742

Display (local) dialogs without changing view

#28743

Layout editor: Show and hide toolbars in all components

#28745

Drag from tree tables should also return collapsed nodes

#28762

Introduction of Renovate Bot to automatically update external dependencies.

#28874

Automatically activate ExternalAuthentication when using tl-security-auth-pac4j

#28875

Recalculation of options for selection fields

#28879

Offer TL script methods via Reflection

#28880

Add TLScript "try" function for exception handling

#28886

Instance export: Do not "automatically" export non-compositions

#28906

Tile preview image from binary/image attribute

#28913

Application tests: Context-local object identification

#28915

Update GWT to version 2.12

#28918

Enum protocol names via @name annotation

#28930

Mark calculated columns as "multiple" and "mandatory"

#28937

Command release service: Check for collections and delegation to other models

#28951

Commands for changing a selection in a tree table

#28963

Drag & drop across window boundaries

#28965

Specify file extension for XML import commands

#28970

HTML as value for a "Structured text" attribute

#28974

XML import: Context for ID resolution

#28983

Output error during backward navigation via non-navigable attributes

#28986

Enable servlets with async support

#28999

Scheduler: Execution every x days instead of every day

#29001

Hide undone changes in "My last changes"

#29016

Display dialogs in the window in which you are currently working

#29019

Remove legacy bus system

nice-to-have

#28987

StreamUtilities.readStreamContents() Utility also for BinaryDataSource

#29043

Heartbeat logging for revison migration

#29045

Consolidate Git ignores (application template, message backups, settings)

#29046

Introspection for TL script functions

defect

major

#27746

Context help for TL script partially cut off and not or only poorly scrollable

#28047

Error Icon next to the TextInput is positioned incorrectly

minor

#27707

Table does not update after moving rows by pressing a button

#28265

Update pdf.js to 4.9.155 due to CVE reports

#28678

MACHINE_IP column too short in USER_SESSION (for IPv6)

#28693

Questionable clipboard commands are displayed by default on all grid components

#28919

Transient objects can provide references to deleted objects

#28945

Error when displaying the change history if reference was deleted

#28950

TL-Script: toSet() changes the order of the elements

#28954

Column "Administrator" of user accounts cannot be filtered

#28955

Full text search for grid component potentially leads to a logged error

#28957

Client-side errors with GotoLinkControl

#28972

Flow diagram: Font-Size and Font-Family attributes for text have no effect.

#28973

Dialog "My last changes" may take a very long time to open

#28980

I18NRuntimeException is reported as "Internal error"

#28982

Table components can display unexpected objects

#28984

Workflow processes can no longer be completed

#28991

Flow diagram: Selection channel may only contain quantities if multiple selection is configured

#28992

SVG diagram with click handler can lead to errors

#28996

TL-Script: No internationalized number format in expressions in HTML templates

#28998

Flow diagram: Double-click and context menu handler

#29036

Translation error for resource files with country code

enhancement

major

#28931

Import/update role profiles at application startup

Code migration SecuritySystem

Role profiles (with which role you can see and edit which views) currently have to be uploaded manually in the authorization configuration.

Improvement

The configuration should be loaded and imported from WEB-INF/conf/security.xml when the application is initially started. If a new version of the file is delivered during a re-deployment, it should be applied automatically when the new version is initially started.

Consequences

The role profiles must be independent of the component tree of a session for an import at application start. As only authorization configurations for the so-called `CompundSecurityLayout` are stored in the role profiles, configurations may only be saved for these components (or their security ID). Copying the authorization configurations to all components of the subtree must be omitted.

Code migration

The following changes have been made:

Various previous signatures were changed from Collection or Collection<BoundedRole> to Collection<? extends BoundRole> - i.e. to the interface type for roles. Errors that occurred during typing have been fixed.
Some signatures have been extended from Wrapper to TLObject.
The implementation of BoundChecker in LayoutComponent`s has been simplified: Instead of implementing `BoundCheckerDelegate and creating, saving and using a "suitable" delegation, only the appropriate BoundChecker subinterface needs to be implemented:
- LayoutContainerBoundChecker for components that have subcomponents.
- BoundCheckerDelegate only if you really want to forward to another component.
If a component is marked as securityMaster in a BoundLayout, then the complete check for displayability of the layout (but only this) is forwarded to the marked component (no allow checks with model or command group).
A persistent authorization configuration for components(PersBoundComp) only exists for exactly those CompoundSecurityLayout components for which the authorization can also be set. All other components within these groups use the same authorization configuration.
getCurrentObject() in BoundChecker has been replaced by getSecurityObject().
The rule that a layout can be displayed by components if at least one inner component does not contradict this is no longer applicable. Instead, the layout either checks locally whether it can be displayed (which is usually the case), or it delegates to a specially marked securityMaster component.
The component configuration option securityProviderClass has been dropped. securityProviderClass="somePrivider" must be replaced by securityObject="ref:somePrivider". As an exception, securityProviderClass="default" must be replaced by securityObject="model" and securityProviderClass="" must be replaced by securityObject="". As a short form, securityProviderClass="securityRoot" can be replaced by securityObject="securityRoot" and securityProviderClass="model" by securityObject="model" and securityProviderClass="path:my.path" by securityObject="path:my.path" and securityProviderClass="null" by securityObject="".