You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Jeremy Haile (JIRA)" <ji...@apache.org> on 2009/03/25 21:16:01 UTC

[jira] Created: (KI-71) Allow annotations to be parameterized based on method arguments

Allow annotations to be parameterized based on method arguments
---------------------------------------------------------------

                 Key: KI-71
                 URL: https://issues.apache.org/jira/browse/KI-71
             Project: Ki
          Issue Type: Improvement
          Components: Authorization (access control)
    Affects Versions: 0.9-RC1
            Reporter: Jeremy Haile
            Assignee: Jeremy Haile
             Fix For: 1.0


This would allow annotations to include dynamic values based on the String values of method arguments.

For example:

@RequiresPermissions( "editUser:${userId}" )
public void editUser( String userId ) {
 ...
}

If the method was called as editUser( 3 ), JSecurity would then check the permission "editUser:3" and if the current subject doesn't have the permission, an AuthorizationException would be thrown.

This should also work for the @RequiresRoles permission.  An exception should also be thrown if the parameter specified cannot be found as a method argument.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.