You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Deng Zhi Cheng (JIRA)" <ji...@apache.org> on 2013/07/05 04:25:48 UTC
[jira] [Created] (SHIRO-449) Instance Level Role
Deng Zhi Cheng created SHIRO-449:
------------------------------------
Summary: Instance Level Role
Key: SHIRO-449
URL: https://issues.apache.org/jira/browse/SHIRO-449
Project: Shiro
Issue Type: New Feature
Components: Authorization (access control)
Reporter: Deng Zhi Cheng
Take a project management application for example.
User 1 is the Project Manager of Project 1
User 2 is the Project Manager of Project 2
Using the existing instance level permission, we have following for each user:
user1 -> project:edit,delete,addMember:1
user2 -> project:edit,delete,addMember:2
Here the Role "Project Manager" is meaningless, because in this scenario the role is also instance specific. You can not simple assign a Project Manager role to a user.
So if we have instance level role, then we can model our authentication data as:
user1 -> project:manager:1
user2 -> project:manager:2
project:manager -> project:edit
project:delete
project:addMember
......
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira