You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Deng Zhi Cheng (JIRA)" <ji...@apache.org> on 2013/07/05 04:25:48 UTC

[jira] [Created] (SHIRO-449) Instance Level Role

Deng Zhi Cheng created SHIRO-449:
------------------------------------

             Summary: Instance Level Role
                 Key: SHIRO-449
                 URL: https://issues.apache.org/jira/browse/SHIRO-449
             Project: Shiro
          Issue Type: New Feature
          Components: Authorization (access control) 
            Reporter: Deng Zhi Cheng


Take a project management application for example.
User 1 is the Project Manager of Project 1
User 2 is the Project Manager of Project 2
Using the existing instance level permission, we have following for each user:
user1  ->  project:edit,delete,addMember:1
user2  ->  project:edit,delete,addMember:2
Here the Role "Project Manager" is meaningless, because in this scenario the role is also instance specific. You can not simple assign a Project Manager role to a user.

So if we have instance level role, then we can model our authentication data as:
user1  ->  project:manager:1
user2  ->  project:manager:2

project:manager  ->  project:edit
                              project:delete
                              project:addMember
                              ......

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira