You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2014/07/16 20:42:04 UTC

[jira] [Commented] (ISIS-808) To reduce security permissioning setup, assume read-only access to all properties and collections if user's role have read-only permissions at the class level.

    [ https://issues.apache.org/jira/browse/ISIS-808?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14063882#comment-14063882 ] 

Dan Haywood commented on ISIS-808:
----------------------------------

Isn't this implicit anyway through the Isis wildcard perms?  I guess it's not; I think there's a subtlety.  Perhaps Jeroen can advise....

> To reduce security permissioning setup, assume read-only access to all properties and collections if user's role have read-only permissions at the class level.
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: ISIS-808
>                 URL: https://issues.apache.org/jira/browse/ISIS-808
>             Project: Isis
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: security-shiro-1.5.0, core-1.5.0
>            Reporter: Dan Haywood
>            Assignee: Dan Haywood
>            Priority: Minor
>             Fix For: core-1.6.0
>
>
> Not exactly sure what this implies, possibly a refactoring in either core or the shiro security integration in terms of inferring permissions for properties.



--
This message was sent by Atlassian JIRA
(v6.2#6252)