shiro-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "picpoc (JIRA)" <j...@apache.org>
Subject [jira] [Created] (SHIRO-438) WilcardPermission: any token
Date Mon, 06 May 2013 22:14:16 GMT
picpoc created SHIRO-438:
----------------------------

             Summary: WilcardPermission: any token
                 Key: SHIRO-438
                 URL: https://issues.apache.org/jira/browse/SHIRO-438
             Project: Shiro
          Issue Type: New Feature
          Components: Authorization (access control) 
    Affects Versions: 1.3.0
            Reporter: picpoc
            Priority: Minor
             Fix For: 1.3.0
         Attachments: wildcardpermission-any.patch

Attached is a proposal patch to add another special token in the WildcardPermission, the any
token '?'.

When granting the any token on a permission level, it behaves exactly as the wildcard, and
implies everything:
any -> any
any -> wildcard
any -> literals

When querying the any token on a permission level, it is implied by everything:
any -> any
wildcard -> any
literals -> any

Thus, it is quite similar to say: i don't care about the detail of this level, it's fine if
the user is granted something on it. Typical use case is when using shiro permission to perform
some fined-grained access control.

For instance to give read access on newsletter 13 to anyone who has been granted the access
to read, edit or delete it. Instead of checking for:
    newsletter:view:13 or newsletter:edit:13 or newsletter:delete:13
we can simply check for:
    newsletter:?:13

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message