You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/07/18 07:27:06 UTC
[jira] [Commented] (ISIS-840) "Permission groups" for
IsisPermission (custom security string for Shiro) not working as
advertised.
[ https://issues.apache.org/jira/browse/ISIS-840?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14066061#comment-14066061 ]
ASF subversion and git services commented on ISIS-840:
------------------------------------------------------
Commit 2772d87671fdea08428f00d6823e264c9c44406e in isis's branch refs/heads/master from [~danhaywood]
[ https://git-wip-us.apache.org/repos/asf?p=isis.git;h=2772d87 ]
ISIS-840: fix perm group stuff for IsisPermission
Also (commented out) updates to the todoapp example.
> "Permission groups" for IsisPermission (custom security string for Shiro) not working as advertised.
> ----------------------------------------------------------------------------------------------------
>
> Key: ISIS-840
> URL: https://issues.apache.org/jira/browse/ISIS-840
> Project: Isis
> Issue Type: Bug
> Components: Core: Security: Shiro
> Affects Versions: core-1.5.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Fix For: core-1.6.0
>
>
> Per docs [1]
> user_role = !reg/org.estatio.api,\
> !reg/org.estatio.webapp.services.admin,\
> reg/* ;
> admin_role = adm/*
> then a user with both user_role and admin_role should have access to everything, because the two vetos in the "reg" group do not veto the permission provided in the "adm" group.
> ~~~
> Tracking this down showed the issue to be a reliance on equals() implementation in IsisPermission.
> [1] http://isis.apache.org/components/security/shiro/format-of-permissions.html
--
This message was sent by Atlassian JIRA
(v6.2#6252)