picpoc created SHIRO-438:
----------------------------
Summary: WilcardPermission: any token
Key: SHIRO-438
URL: https://issues.apache.org/jira/browse/SHIRO-438
Project: Shiro
Issue Type: New Feature
Components: Authorization (access control)
Affects Versions: 1.3.0
Reporter: picpoc
Priority: Minor
Fix For: 1.3.0
Attachments: wildcardpermission-any.patch
Attached is a proposal patch to add another special token in the
WildcardPermission, the any token '?'.
When granting the any token on a permission level, it behaves exactly as the
wildcard, and implies everything:
any -> any
any -> wildcard
any -> literals
When querying the any token on a permission level, it is implied by everything:
any -> any
wildcard -> any
literals -> any
Thus, it is quite similar to say: i don't care about the detail of this level,
it's fine if the user is granted something on it. Typical use case is when
using shiro permission to perform some fined-grained access control.
For instance to give read access on newsletter 13 to anyone who has been
granted the access to read, edit or delete it. Instead of checking for:
newsletter:view:13 or newsletter:edit:13 or newsletter:delete:13
we can simply check for:
newsletter:?:13
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
