Hi Jayanga,
I'm trying to authorize the current user with a particular action. I have
used the following code snippet, Is this correct?
public static boolean isUserAuthorized(String resource, String action) {
CarbonPermission carbonPermission = new CarbonPermission(resource,
action);
return ((CarbonPrincipal)
PrivilegedCarbonContext.getCurrentContext().getUserPrincipal())
.isAuthorized(carbonPermission);
}
Further, how do we define a set of Resources and Actions for them? Any
documentation on this?
Regards,
Vinod
On Wed, Aug 10, 2016 at 10:46 PM, Jayanga Kaushalya <[email protected]>
wrote:
> Hi Prabushi,
>
> Actually there will be no permissions that directly assigned to the user.
> All permissions are assigned through roles. By calling the above method in
> user will indirectly get all permissions through roles which are assigned
> to that particular user. If you need to get permissions for specific role,
> then you can use the same method in role.
>
> Thanks!
>
> *Jayanga Kaushalya*
> Software Engineer
> Mobile: +94777860160
> WSO2 Inc. | http://wso2.com
> lean.enterprise.middleware
>
> On Wed, Aug 10, 2016 at 10:31 PM, Prabushi Samarakoon <[email protected]>
> wrote:
>
>> Hi,
>>
>> Thank you for the clarifications Darshana and Jayanga.
>>
>> On Wed, Aug 10, 2016 at 8:08 PM, Jayanga Kaushalya <[email protected]>
>> wrote:
>>
>>> On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon <[email protected]
>>> > wrote:
>>>
>>>>
>>>> Hi All,
>>>>
>>>> 1. Is there an API method to get all the resources permitted to a
>>>> particular user or a role?
>>>>
>>>
>>> Yes. You can use the method getPermissions(Action action) [1] in User to
>>> retrieve all the permissions assigned to that particular user filtered by
>>> the action. Permission is a resource + action. So permissions filtered by
>>> the action is a list of permitted resources.
>>>
>>
>> Ah great, now I understood that part. Can we use the same way for a role
>> also? But in that case we might get duplicates of the resources right?
>>
>>>
>>>> 2. With this permission model, are we going to introduce the email
>>>> based authentication for the products, or remain with the username model?
>>>>
>>>> 3. In our current management console, we have one view to create the
>>>> user, and another view to create the user profile according to the given
>>>> http://wso2.org/claims. Is there a particular reason to have the user
>>>> profile in a separate view? Do we need to have two views for user creation
>>>> and profile in C5 model also?
>>>>
>>>> Any clarification on above matters is appreciated.
>>>>
>>>> Thanks and Regards,
>>>> Prabushi
>>>>
>>>> --
>>>> *Prabushi Samarakoon*
>>>> Software Engineer
>>>> Mobile: +94715434580
>>>> Email: [email protected]
>>>>
>>>
>>> [1] https://github.com/wso2/carbon-security/blob/master/comp
>>> onents/org.wso2.carbon.security.caas/src/main/java/org/wso2/
>>> carbon/security/caas/user/core/bean/User.java#L188
>>>
>>> Thanks!
>>>
>>
>>
>> Thanks and Regards.
>> --
>> *Prabushi Samarakoon*
>> Software Engineer
>> Mobile: +94715434580
>> Email: [email protected]
>>
>
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Vinod Kavinda
Software Engineer
*WSO2 Inc. - lean . enterprise . middleware <http://www.wso2.com>.*
Mobile : +94 (0) 712 415544
Blog : http://soatechflicks.blogspot.com/
[image: http://wso2.com/signature]
<http://wso2.com/signature>
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
