end-of sprint demo sprint 1 “auth module, beta release” robert wagner jessica lundberg erik roos
TRANSCRIPT
End-of Sprint DemoSprint 1
“Auth Module, beta Release”
Robert WagnerJessica Lundberg
Erik Roos
• Sprint goal: improve the Auth module so it can be used in actual applications
• Sprint started on Jan. 26th• Sprint scheduled to end on Feb. 18th, but cut
short one week• Selected user stories amounting to 14,5 “story
points” (ideal man-days)• 1 story and a few tasks moved to “Next”
because of deadline move
Sprint facts
Some technical notes• Created a new type of Login, DatabaseLogin, which replaces
the old SimpleLogin when using the Auth system– We also have OpenIdLogic, which extends DatabaseLogin– You can set the option to use DatabaseLogin or OpenIdLogin in your
project properties file• When using DatabaseLogin, a security decorator is added to
all entities, ensuring secure add/update/remove procedures – Comes from the new SecurityMapper– Located in the layer of decorators closest to the database, to ensure
that nothing overrides these functions• There is now an Authorizable interface that can be
implemented by entities wanting to use row-level security– Not completely functional yet
User story 1
• As a new user to the system…• I want to register myself and then have the ability to– login– logout– change my details
• Importance 100• 0,5 story points• Status: done
User story 2
• As authenticated user…• I want to create my private groups of users…• And, for objects that I own, add permissions
on users or groups
• Importance 90• 7,5 story points• Status: done, except for customized screen to
create groups
User story 3
• As an anonymous user…• I want to see all the entities I am entitled to
see…• Without logging in
• Importance 80• 1 story points• Status: done
User story 4
• As an administrator…• I want to be able to manage– users– groups
• Importance: 70• 3,5 story points• Status: partly done (no customized UI yet but
standard form screens)
User story 5
• As an administrator…• I want to set read, write, execute and
ownership permissions on entities…• Including tables, fields, rows and screens
• Importance: 60• 2 story points• Status: done (but field, row and screen
security not yet fully in place)
User story 6
• As an administrator…• I want to have the possibility to forward
permissions from an entity to others
• Importance: 5• 5 story points• Status: moved to “Next”
Highlights of tasks moved to “Next”
• Make manual• Enable field, row and screen security• Handle executable files• When checking user permissions, also take
into account those from groups they are members of
• Provide customized screens for User and Group management