You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2014/07/18 07:27:05 UTC

[jira] [Resolved] (ISIS-840) "Permission groups" for IsisPermission (custom security string for Shiro) not working as advertised.

     [ https://issues.apache.org/jira/browse/ISIS-840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dan Haywood resolved ISIS-840.
------------------------------

    Resolution: Fixed

> "Permission groups" for IsisPermission (custom security string for Shiro) not working as advertised.
> ----------------------------------------------------------------------------------------------------
>
>                 Key: ISIS-840
>                 URL: https://issues.apache.org/jira/browse/ISIS-840
>             Project: Isis
>          Issue Type: Bug
>          Components: Core: Security: Shiro
>    Affects Versions: core-1.5.0
>            Reporter: Dan Haywood
>            Assignee: Dan Haywood
>             Fix For: core-1.6.0
>
>
> Per docs [1]
> user_role   = !reg/org.estatio.api,\
>               !reg/org.estatio.webapp.services.admin,\
>               reg/* ;
> admin_role = adm/*
> then a user with both user_role and admin_role should have access to everything, because the two vetos in the "reg" group do not veto the permission provided in the "adm" group.
> ~~~
> Tracking this down showed the issue to be a reliance on equals() implementation in IsisPermission.
> [1] http://isis.apache.org/components/security/shiro/format-of-permissions.html



--
This message was sent by Atlassian JIRA
(v6.2#6252)