AFAIK there is a fixed set of actions (read, write, authorize, etc) that you can perform on resource. They are defined in a static class which I can not find right now :-(. What you need to do is check if each of them is allowed on a given resource.
Danushka On Sat, Jan 22, 2011 at 10:03 AM, Indika Kumara <[email protected]> wrote: > Yes, What I needed was to get the all actions (permissions) a user can do > with a given resource. As per now, I decided going for a workaround. I will > prepare a document by the time of reviewing of this POC, including the > improvements/changes required at the Cassandra (some are already discussed > in the Cassandra' mailing list), options for leveraging it our products, and > so on. > > BTW, In the Cassandra's security model, a user has a set of groups and each > group has roles > > Thanks, > > Indika > > On Sat, Jan 22, 2011 at 10:12 AM, Sanjiva Weerawarana <[email protected]>wrote: > >> IMO these API calls still don't give what Indika is looking for - he's >> asking how can I find out what a person can do. This model allows you to >> find the list of roles a person is in and then ask whether that roles is >> authorized to do X, Y, Z. However what he's looking for is list of all X, Y >> and Zs. >> >> Sanjiva. >> >> >> On Fri, Jan 21, 2011 at 10:24 PM, Dimuthu Leelarathne >> <[email protected]>wrote: >> >>> Hi, >>> >>> Since this is a POC we can do this. >>> >>> First we can call >>> -public String[] getRoleListOfUser(String userName) throws >>> UserStoreException in UserStoreManager >>> Then we can call the following function for all possible combinations. >>> -public boolean isRoleAuthorized(String roleName, String resourceId, >>> String action) >>> throws UserStoreException; >>> >>> Thanks, >>> Dimuthu >>> >>> >>> On Fri, Jan 21, 2011 at 10:18 PM, Indika Kumara <[email protected]> wrote: >>> >>>> Thanks Dimuthu.. >>>> >>>> BTW, what would be the best solution (may be a workaround) - get the >>>> roles associated with a given user and then the permissions for roles. >>>> >>>> Thanks, >>>> >>>> Indika >>>> >>>> >>>> On Fri, Jan 21, 2011 at 10:44 PM, Dimuthu Leelarathne < >>>> [email protected]> wrote: >>>> >>>>> Hi, >>>>> >>>>> On Fri, Jan 21, 2011 at 10:12 PM, Indika Kumara <[email protected]>wrote: >>>>> >>>>>> HI Dimuthu, >>>>>> >>>>>> My questions was different ... I needed to get all permissions >>>>>> associated with a given user for a given resource. >>>>>> >>>>>> Something like >>>>>> >>>>>> public Permission[] getAllowedPermissions(String username, String >>>>>> resourceParth) >>>>>> >>>>>> The Cassandra's authorization API requires that. >>>>>> >>>>>> >>>>> Sorry misread your mail. >>>>> >>>>> Yes can be done. But user permissions are being deprecated. >>>>> >>>>> Thanks, >>>>> Dimuthu >>>>> >>>>> >>>>>> Thanks, >>>>>> >>>>>> Indika >>>>>> >>>>>> >>>>>> >>>>>> On Fri, Jan 21, 2011 at 10:33 PM, Dimuthu Leelarathne < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> There is a method like this in AuthorizationManager. >>>>>>> >>>>>>> public String[] getExplicitlyDeniedUsersForResource(String >>>>>>> resourceId, String action) >>>>>>> throws UserStoreException; >>>>>>> >>>>>>> public String[] getExplicitlyAllowedUsersForResource(String >>>>>>> resourceId, String action) >>>>>>> throws UserStoreException; >>>>>>> >>>>>>> However these methods are deprecated since we plan to use role based >>>>>>> permissions. >>>>>>> >>>>>>> thanks, >>>>>>> dimuthu >>>>>>> >>>>>>> On Fri, Jan 21, 2011 at 9:44 PM, Indika Kumara <[email protected]>wrote: >>>>>>> >>>>>>>> Hi All, >>>>>>>> >>>>>>>> Could I get the all permission (or actions) allowed for a given user >>>>>>>> to a given resource - something like getAllowedPermissions(String >>>>>>>> username, >>>>>>>> String resourceParth)? I cannot find a method in the >>>>>>>> 'AuthorizationManager'. >>>>>>>> >>>>>>>> >>>>>>>> Could someone help me on this matter? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>> Indika >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Carbon-dev mailing list >>>>>>>> [email protected] >>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Carbon-dev mailing list >>>>>>> [email protected] >>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> [email protected] >>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> Sanjiva Weerawarana, Ph.D. >> Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ >> email: [email protected]; phone: +94 11 763 9614; cell: +94 77 787 6880 | >> +1 650 265 8311 >> blog: http://sanjiva.weerawarana.org/ >> >> Lean . Enterprise . Middleware >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
