v5.0.3
·
689 commits
to develop
since this release
💥 Breaking Changes
This release includes several core API changes to how users and their roles (permissions) are loaded. (Note that the breaking changes below will typically be handled by updates to a custom enterprise plugin and not require individual app changes.)
- Applications (or enterprise plugins) must implement a new
RoleServiceextending fromBaseRoleServiceto provide a map of users to their app-specific roles. Roles continue to be modelled as simple strings for use both on server and client. - The
HoistUsersuperclass no longer holds / caches its roles directly, but instead calls into the new requiredRoleServicedynamically when asked. - Boilerplate around auth whitelists and resources has been better consolidated into the plugin, helping to clean up some repeated application-level
AuthenticationServicecode. - Hoist implementation endpoints have moved from
/hoistImpl/ -> /xh/for brevity / clarity. Client-side plugins will be updated to use this new path. The implementation APIs used to login/logout and confirm auth / roles have changed, but again are handled by Hoist client plugin updates and do not require application-level changes.
