Both the shiro tag library and tapestry-security have seen fit to extend the permissions and role checks. It would be nice to have a complete set of annotations and permissions checks as follows:
Right now, Shiro supports:
These have the additionally issue that multiple values are separated by commas, which conflicts with commas in the permission strings.
I would like to suggest the following more complete, and specific set:
@RequiresAllRoles(String ) <-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:
@RequiresAnyRoles(String ) <--- the OR version, runs if any role is implied.
SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions) <--- all in one with one annotation