Details
-
Improvement
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
This would allow annotations to include dynamic values based on the String values of method arguments.
For example:
@RequiresPermissions( "editUser:${userId}" )
public void editUser( String userId ) {
...
}
If the method was called as editUser( 3 ), JSecurity would then check the permission "editUser:3" and if the current subject doesn't have the permission, an AuthorizationException would be thrown.
This should also work for the @RequiresRoles permission. An exception should also be thrown if the parameter specified cannot be found as a method argument.