Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Both the shiro tag library and tapestry-security have seen fit to extend the permissions and role checks. It would be nice to have a complete set of annotations and permissions checks as follows:
Right now, Shiro supports:
@RequiresRoles(String)
@RequiresPermissions(String)
These have the additionally issue that multiple values are separated by commas, which conflicts with commas in the permission strings.
I would like to suggest the following more complete, and specific set:
@RequiresAllRoles(String[] ) <-- same as current RequiresRoles, except the AND is specified, and the roles can be done via:
@RequiresAllRoles(
{"role1", "role2"})
@RequiresAnyRoles(String[] ) <--- the OR version, runs if any role is implied.
@RequiresAllPermissions(String[] )
@RequiresAnyPermissions(String[] )
SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions) <--- all in one with one annotation