[SHIRO-438] WilcardPermission: any token - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Minor
Resolution: Incomplete
Affects Version/s: 1.3.0
Fix Version/s: None
Component/s: Authorization (access control)
Labels:
- features
- patch

Description

Attached is a proposal patch to add another special token in the WildcardPermission, the any token '?'.

When granting the any token on a permission level, it behaves exactly as the wildcard, and implies everything:
any -> any
any -> wildcard
any -> literals

When querying the any token on a permission level, it is implied by everything:
any -> any
wildcard -> any
literals -> any

Thus, it is quite similar to say: i don't care about the detail of this level, it's fine if the user is granted something on it. Typical use case is when using shiro permission to perform some fined-grained access control.

For instance to give read access on newsletter 13 to anyone who has been granted the access to read, edit or delete it. Instead of checking for:
newsletter:view:13 or newsletter:edit:13 or newsletter:delete:13
we can simply check for:
newsletter:?:13

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

wildcardpermission-any.patch
06/May/13 22:13
6 kB
picpoc

Activity

People

Assignee:: Unassigned

Reporter:: picpoc

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 06/May/13 22:12

Updated:: 05/Oct/16 18:40

Resolved:: 05/Oct/16 18:40