[
https://issues.apache.org/jira/browse/SHIRO-438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15342380#comment-15342380
]
Brian Demers commented on SHIRO-438:
------------------------------------
how is this different from the current wild card?
Can you provide a few examples?
> WilcardPermission: any token
> ----------------------------
>
> Key: SHIRO-438
> URL: https://issues.apache.org/jira/browse/SHIRO-438
> Project: Shiro
> Issue Type: New Feature
> Components: Authorization (access control)
> Affects Versions: 1.3.0
> Reporter: picpoc
> Priority: Minor
> Labels: features, patch
> Fix For: 1.3.0
>
> Attachments: wildcardpermission-any.patch
>
>
> Attached is a proposal patch to add another special token in the
> WildcardPermission, the any token '?'.
> When granting the any token on a permission level, it behaves exactly as the
> wildcard, and implies everything:
> any -> any
> any -> wildcard
> any -> literals
> When querying the any token on a permission level, it is implied by
> everything:
> any -> any
> wildcard -> any
> literals -> any
> Thus, it is quite similar to say: i don't care about the detail of this
> level, it's fine if the user is granted something on it. Typical use case is
> when using shiro permission to perform some fined-grained access control.
> For instance to give read access on newsletter 13 to anyone who has been
> granted the access to read, edit or delete it. Instead of checking for:
> newsletter:view:13 or newsletter:edit:13 or newsletter:delete:13
> we can simply check for:
> newsletter:?:13
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
