[
https://issues.apache.org/jira/browse/SHIRO-657?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16741028#comment-16741028
]
Junling Bu commented on SHIRO-657:
----------------------------------
Your suggestion can work. Actually, we can put permission and description in
the database or a json file. I checked some open source projects, which use
shiro or other security related library, and find that there is a table
'permission' which need to add permission data later. And the reason I prefer
to put into the annotation is simple that we do not need to write the magic
permission value twice.
Even this permission is wildcard permission, using desc can give a little more
information about permission. We can generate a view of server which
permissions are required and how we call this permission. Moreover, this is
the server layer rather than web layer. Front-end developer can learn from this
directly, and they can design different final user permission view.
Anyway, I just share an idea of using shiro :)
You can close this issue if you want.
> Add desc to RequiresPermissions
> -------------------------------
>
> Key: SHIRO-657
> URL: https://issues.apache.org/jira/browse/SHIRO-657
> Project: Shiro
> Issue Type: Improvement
> Reporter: Junling Bu
> Priority: Minor
>
> This is a feature request.
> The use case is that I can parse RequiresPermissions to generate system
> permission list.
> However, I want to generate description text for each defined permission
> meanwhile.
> These texts will give better user experience rather than actual permissions.
> For example:
> {code:java}
> @RequiresPermissions(value="admin:list", desc="Admin List Permission")
> @GetMapping("/list")
> public Object list(){
> }
> {code}
> Afterwards, I can generate following json array and only show label property
> for users.
> {code:json}
> [
> {
> id: "admin:list",
> label: "Admin List Permission"
> }
> ...
> ]
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
