You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2014/07/17 14:31:05 UTC
[jira] [Created] (ISIS-840) "Permission groups" for IsisPermission
(custom security string for Shiro) not working as advertised.
Dan Haywood created ISIS-840:
--------------------------------
Summary: "Permission groups" for IsisPermission (custom security string for Shiro) not working as advertised.
Key: ISIS-840
URL: https://issues.apache.org/jira/browse/ISIS-840
Project: Isis
Issue Type: Bug
Reporter: Dan Haywood
Assignee: Dan Haywood
Per docs [1]
user_role = !reg/org.estatio.api,\
!reg/org.estatio.webapp.services.admin,\
reg/* ;
admin_role = adm/*
then a user with both user_role and admin_role should have access to everything, because the two vetos in the "reg" group do not veto the permission provided in the "adm" group.
~~~
Tracking this down showed the issue to be a reliance on equals() implementation in IsisPermission.
[1] http://isis.apache.org/components/security/shiro/format-of-permissions.html
--
This message was sent by Atlassian JIRA
(v6.2#6252)