[GitHub] [shiro-site] bdemers commented on a change in pull request #127: Add related links to page template

Wed, 20 Oct 2021 14:49:45 -0700 


bdemers commented on a change in pull request #127:
URL: https://github.com/apache/shiro-site/pull/127#discussion_r733171498



##########
File path: jbake/content/permissions.adoc
##########
@@ -1,282 +1,306 @@
-# <a 
name="Permissions-UnderstandingPermissionsinApacheShiro"></a>Understanding 
Permissions in Apache Shiro
-
+= Understanding Permissions in Apache Shiro
+:jbake-type: page
+:jbake-status: published
+:jbake-tags: permissions, authorization
+:jbake-related: { "links": ["java-authorization-guide.html", 
"webapp-tutorial.html", "get-started.html", "10-minute-tutorial.html"] }
+:idprefix:
+~~~~~~
+
+[#Permissions-UnderstandingPermissionsinApacheShiro]
 Shiro defines a Permission as a statement that defines an explicit behavior or 
action. It is a statement of raw functionality in an application and nothing 
more. Permissions are the lowest-level constructs in security polices, and they 
explicitly define only "what" the application can do.
 
 They do _not_ at all describe "who" is able to perform the action(s).
 
 Some examples of permissions:
 
-*   Open a file
-*   View the '/user/list' web page
-*   Print documents
-*   Delete the 'jsmith' user
+* Open a file
+* View the '/user/list' web page
+* Print documents
+* Delete the 'jsmith' user
 
 Defining "who" (users) is allowed to do "what" (permissions) is an exercise of 
assigning permissions to users in some way. This is always done by the 
application's data model and can vary greatly across applications.
 
 For example, permissions can be grouped in a Role and that Role could be 
associated with one or more User objects. Or some applications can have a Group 
of users and a Group can be assigned a Role, which by transitive association 
would mean that all the Users in that Group are implicitly granted the 
permissions in the Role.
 
 There are many variations for how permissions could be granted to users - the 
application determines how to model this based on the application requirements.
 
-<a name="Permissions-WildcardPermissions"></a>
-##Wildcard Permissions
+== Wildcard Permissions

Review comment:
       I'm indifferent on keeping or removing them, it would be easier to 
remove them (and use generated ones as needed)




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@shiro.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to