Hi Danushka, I haven't got any issues from this and just wanted to overcome the doubt. Thanks for the clarification.
Regards, On Tue, Sep 8, 2015 at 5:55 PM, Danushka Fernando <[email protected]> wrote: > Usually idea is admin can do any thing. That's why admin role has been > given permissions to all root paths like all action to registry path '/', > permissions to the permission tree root node '/permission'. So I guess this > is the default behavior. Are you facing any issues due to this? > > Thanks & Regards > Danushka Fernando > Senior Software Engineer > WSO2 inc. http://wso2.com/ > Mobile : +94716332729 > > On Tue, Sep 8, 2015 at 3:21 PM, Milan Perera <[email protected]> wrote: > >> Hi, >> >> I'm using below code to check whether a given user is authorized with >> respect to a specific permission which is stored in the registry. >> >> boolean isUserAuthorized = >> CarbonContext.getThreadLocalCarbonContext().getUserRealm(). >> getAuthorizationManager().isUserAuthorized(username, permission, >> permissionMethod); >> >> for an example, if I check with following parameters, it returns *true*. >> >> >> usernameadminpermission >> /_system/governance/permission/admin/device-mgt/enrollment >> permissionMethodwrite >> >> return*true* >> >> However, even if I check a permission which is actually not stored in >> the registry at the moment also returns *true* for an user who is having >> an admin role. >> ex: >> >> usernameadminpermissionaaaaaaaaabbbbbbbb >> permissionMethodwrite >> >> return*true* >> >> >> Is this an expected >> behaviour? >> >> >> Regards, >> >> -- >> *Milan Harindu Perera *| Software Engineer >> WSO2, Inc | lean. enterprise. middleware. >> #20, Palm Grove, Colombo 03, Sri Lanka >> Mobile: +94 77 309 7088 | Work: +94 11 214 5345 >> Email: [email protected] <[email protected]> | Web: www.wso2.com >> <http://lk.linkedin.com/in/milanharinduperera> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > -- *Milan Harindu Perera *| Software Engineer WSO2, Inc | lean. enterprise. middleware. #20, Palm Grove, Colombo 03, Sri Lanka Mobile: +94 77 309 7088 | Work: +94 11 214 5345 Email: [email protected] <[email protected]> | Web: www.wso2.com <http://lk.linkedin.com/in/milanharinduperera>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
