The new Jmix version 1.4 has been released recently. In this article, I will highlight key updates introduced in this feature release.
As usual, for the full information on changes and upgrade instructions, check out the What's New page of the documentation.
Stable Flow UI Core
The most prominent change is no doubt the stable core of the Flow UI module based on Vaadin 23. Now you can use it for creating new projects and expect normal evolution of the API and features in the future, with backward compatible patches and possible minor incompatibilities in feature releases.
Flow UI allows you to build responsive mobile-friendly applications without any special effort, using the same server-side Java programming model and XML layout supported by the visual designer in Studio.
From the user experience point of view, Flow UI applications are closer to regular web apps than applications built with the classic Jmix UI. CRUD views now have unique URLs that can be used as deep links to the application functionality. There are no more inner tabs in the main window, but the main menu allows users to open views in separate browser tabs or windows using the browser's context menu or Ctrl/Cmd+Click.
The new visual designer for Flow UI has a preview panel which shows the exact look of the view considering the application theme and specific styles of the components. Also, it has a significant difference from the classic UI designer: there is no Palette tool window. Instead, use the Add Component action available through the top actions panel, Component Hierarchy context menu and Generate menu (Alt+Ins / Cmd+N).
The Jmix Flow UI is still on the early stage and we have a lot to do to make it as feature-rich as the classic UI. Many important features, such as generic filter, inline editing in DataGrid, background tasks, input dialogs are missing now and will be implemented in the next release.
Currently, Flow UI modules are available for the security subsystem (roles, policies), Audit and Data Tools add-ons (Entity Log, User Sessions, Entity Inspector). So in the projects with Flow UI, you can use these add-ons and the add-ons without UI like REST, OIDC, file storages and so on. Other important add-ons will get Flow UI in the future releases next year.
Studio Improvements
Jmix Studio 1.4 got a few useful enhancements.
The Configuration section of the Jmix tool window now displays all classes annotated with @Configuration and its derived annotations (e.g. @SpringBootApplication), @ConfigurationProperties classes, as well as REST queries and services configuration files:
Spring beans having methods with an entity in the arguments or the result are shown in the Beans section of the entity:
The Inject action for Spring beans now supports constructor injection, which is considered a best practice. To use it instead of the field injection, select the Use constructor injection checkbox, and Studio will create a final field and a constructor argument:
@Component
public class CustomerService {
private final DataManager dataManager;
public CustomerService(DataManager dataManager) {
this.dataManager = dataManager;
}
The new wizard will help you create row-level roles. To create a role, click New → Row-level Role in the Jmix tool window and enter role parameters in the dialog:
Studio will create the annotated role class. You can add policies using the Add Policy actions:
Now you can have a custom set of project templates tailored for your organization.
This feature works as follows: You build a JAR file with the templates and publish it in the custom artefact repository. Developers set the artefact coordinates in the IDE settings and choose the custom repository in the New Project wizard. Then Studio loads both standard templates (if their artefact is present in the repository) and custom ones, and shows the joined list of templates to the developer.
For more details on building the custom templates artefact see the documentation.
Framework Improvements
We've added a couple of extension points to the security subsystem.
The first one is in the process of changing passwords by users. You can provide password validators as Spring beans implementing the PasswordValidator interface:
@Component
public class MyPasswordValidator implements PasswordValidator<User> {
@Override
public void validate(PasswordValidationContext<User> context) throws PasswordValidationException {
if (context.getPassword().length() < 3)
throw new PasswordValidationException("Password is too short, must be >= 3 characters");
}
}
Another extension point is in the Spring security configurations provided by the framework and add-ons. Previously, to adjust a configuration, you had to copy-paste the entire configuration to your project. Since Jmix 1.4, you can just create a AbstractHttpConfigurer bean with your specific logic and give it a qualifier which identifies the inherited configuration to adjust:
@Component
@Qualifier(StandardSecurityConfiguration.SECURITY_CONFIGURER_QUALIFIER)
public class MySecurityConfigurer extends AbstractHttpConfigurer<MySecurityConfigurer, HttpSecurity> {
@Override
public void configure(HttpSecurity http) throws Exception {
MyFilter myFilter = new MyFilter();
http.addFilterBefore(myFilter, UsernamePasswordAuthenticationFilter.class);
}
}
Now you can lock on the database level when loading entities by DataManager. Its fluent loader interface accepts the javax.persistence.LockModeType enum values in the lockMode() method:
var customer = dataManager.load(Customer.class)
.id(customerId)
.lockMode(LockModeType.PESSIMISTIC_WRITE)
.one();
When working with JPA entities, it effectively leads to executing the select … for update SQL statement.
Jmix Authorization Server Preview
The current Jmix Security OAuth2 module which is used for issuing tokens when working with REST is based on the now deprecated Spring Security OAuth project. Also, it implements only the Password Grant which is not recommended by the OAuth specification.
To solve both problems, we've built a new OAuth module based on the modern Spring Authorization Server project. It supports the Authorization Code and Client Credentials grant types.
The Jmix Authorization Server is in the preview stage and will be improved based on your feedback. See the module documentation in the project's README.
What's next?
In the upcoming months we are going to bring the Flow UI core features to the level comparable with the classic UI and provide Flow UI modules for the most important add-ons like BPM, Multitenancy and Reports.
In Studio, we will improve stability and introduce a new way of creating UI for data model elements.
Our detailed roadmap is published as a GitHub project and updated regularly.
We are also constantly working on fixing issues in the current release 1.4. Patches 1.4.x will be released approximately once a month.
We'll be glad to see your feedback on our forum!
Thanks to all who contributed with their ideas, suggestions and bugreports!