Feature Request: More complete set of permission and role checks.

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Feature Request: More complete set of permission and role checks.

Pierce Wetter

  Right now, Shiro supports:

  @RequiresRoles(String)

  @RequiresPermissions(String)

  I would like to suggest the following more complete, and specific set:


  @RequiresAllRoles(String[] )  <-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:

  @RequiresAllRoles( roles={"role1", "role2"} )
 
  @RequiresAnyRoles(String[] )   <--- the OR version, runs if any role is implied.

  @RequiresAllPermissions(String[] )
  @RequiresAnyPermissions(String[] )

  SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions)  <--- all in one with one annotation

 What do you all think? This is similar to what I did in tapestry-security.

 Pierce

   
Reply | Threaded
Open this post in threaded view
|

Re: Feature Request: More complete set of permission and role checks.

Willi Schönborn
On 09/06/10 00:39, Pierce Wetter wrote:

>    Right now, Shiro supports:
>
>    @RequiresRoles(String)
>
>    @RequiresPermissions(String)
>
>    I would like to suggest the following more complete, and specific set:
>
>
>    @RequiresAllRoles(String[] )<-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:
>
>    @RequiresAllRoles( roles={"role1", "role2"} )
>    
@RequiresAllRoles({"role1", "role2"}) would be nice
(value instead of roles)

>
>    @RequiresAnyRoles(String[] )<--- the OR version, runs if any role is implied.
>
>    @RequiresAllPermissions(String[] )
>    @RequiresAnyPermissions(String[] )
>
>    SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions)<--- all in one with one annotation
>
>   What do you all think? This is similar to what I did in tapestry-security.
>
>   Pierce
>
>    


--
Willi Schoenborn / Software Development
__ CosmoCode GmbH - http://www.cosmocode.de
__ Prenzlauer Allee 36, 10405 Berlin, Germany
__ Tel +49 30 814504087, Fax +49 30 28097093
__
__ Geschaeftsfuehrung (CEO): D. Huettemann, J. Riebesell
__ Amtsgericht Berlin-Charlottenburg, HRB 74063

Reply | Threaded
Open this post in threaded view
|

Re: Feature Request: More complete set of permission and role checks.

Les Hazlewood
Administrator
In reply to this post by Pierce Wetter
Hi Pierce,

This will be easy enough for us to support since we have a tag library
that does pretty much the same things.  The annotations could call the
same methods as the tag library.  Can you please open a Jira request
for this?  It will get lost otherwise...

Les

On Tue, Jun 8, 2010 at 3:39 PM, Pierce Wetter <[hidden email]> wrote:

>
>  Right now, Shiro supports:
>
>  @RequiresRoles(String)
>
>  @RequiresPermissions(String)
>
>  I would like to suggest the following more complete, and specific set:
>
>
>  @RequiresAllRoles(String[] )  <-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:
>
>  @RequiresAllRoles( roles={"role1", "role2"} )
>
>  @RequiresAnyRoles(String[] )   <--- the OR version, runs if any role is implied.
>
>  @RequiresAllPermissions(String[] )
>  @RequiresAnyPermissions(String[] )
>
>  SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions)  <--- all in one with one annotation
>
>  What do you all think? This is similar to what I did in tapestry-security.
>
>  Pierce
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Feature Request: More complete set of permission and role checks.

Pierce Wetter

On Jun 9, 2010, at 9:57 AM, Les Hazlewood wrote:

> Hi Pierce,
>
> This will be easy enough for us to support since we have a tag library
> that does pretty much the same things.  The annotations could call the
> same methods as the tag library.  Can you please open a Jira request
> for this?  It will get lost otherwise...

https://issues.apache.org/jira/browse/SHIRO-175

Reply | Threaded
Open this post in threaded view
|

Re: Feature Request: More complete set of permission and role checks.

Les Hazlewood-2
Thanks!

On Wed, Jun 9, 2010 at 10:12 AM, Pierce Wetter <[hidden email]> wrote:

>
> On Jun 9, 2010, at 9:57 AM, Les Hazlewood wrote:
>
>> Hi Pierce,
>>
>> This will be easy enough for us to support since we have a tag library
>> that does pretty much the same things.  The annotations could call the
>> same methods as the tag library.  Can you please open a Jira request
>> for this?  It will get lost otherwise...
>
> https://issues.apache.org/jira/browse/SHIRO-175
>
>