You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by "Felipe Carvalho (JIRA)" <ji...@apache.org> on 2012/07/30 23:33:35 UTC
[jira] [Commented] (SHIRO-175) Improve Set of permission and role
checks
[ https://issues.apache.org/jira/browse/SHIRO-175?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13425266#comment-13425266 ]
Felipe Carvalho commented on SHIRO-175:
---------------------------------------
Please excuse my newbie question, but I've downloaded 1.2.1's source and bin distributions and can't seem to find the @RequiresAnyPermissions(String[] ) anywhere. Would anyone please let me know if the annotation really exists or if this was solved in any other way?
Thanks
> Improve Set of permission and role checks
> -----------------------------------------
>
> Key: SHIRO-175
> URL: https://issues.apache.org/jira/browse/SHIRO-175
> Project: Shiro
> Issue Type: Improvement
> Components: Authorization (access control)
> Reporter: Pierce Wetter
> Assignee: Kalle Korhonen
> Fix For: 1.1.0
>
>
> Both the shiro tag library and tapestry-security have seen fit to extend the permissions and role checks. It would be nice to have a complete set of annotations and permissions checks as follows:
> Right now, Shiro supports:
> @RequiresRoles(String)
> @RequiresPermissions(String)
> These have the additionally issue that multiple values are separated by commas, which conflicts with commas in the permission strings.
> I would like to suggest the following more complete, and specific set:
> @RequiresAllRoles(String[] ) <-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:
> @RequiresAllRoles( {"role1", "role2"} )
> @RequiresAnyRoles(String[] ) <--- the OR version, runs if any role is implied.
> @RequiresAllPermissions(String[] )
> @RequiresAnyPermissions(String[] )
> SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions) <--- all in one with one annotation
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira