You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2014/07/18 07:27:05 UTC
[jira] [Resolved] (ISIS-840) "Permission groups" for IsisPermission
(custom security string for Shiro) not working as advertised.
[ https://issues.apache.org/jira/browse/ISIS-840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Haywood resolved ISIS-840.
------------------------------
Resolution: Fixed
> "Permission groups" for IsisPermission (custom security string for Shiro) not working as advertised.
> ----------------------------------------------------------------------------------------------------
>
> Key: ISIS-840
> URL: https://issues.apache.org/jira/browse/ISIS-840
> Project: Isis
> Issue Type: Bug
> Components: Core: Security: Shiro
> Affects Versions: core-1.5.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Fix For: core-1.6.0
>
>
> Per docs [1]
> user_role = !reg/org.estatio.api,\
> !reg/org.estatio.webapp.services.admin,\
> reg/* ;
> admin_role = adm/*
> then a user with both user_role and admin_role should have access to everything, because the two vetos in the "reg" group do not veto the permission provided in the "adm" group.
> ~~~
> Tracking this down showed the issue to be a reliance on equals() implementation in IsisPermission.
> [1] http://isis.apache.org/components/security/shiro/format-of-permissions.html
--
This message was sent by Atlassian JIRA
(v6.2#6252)