[jira] Resolved: (SHIRO-175) Improve Set of permission and role checks

Mon, 02 Aug 2010 21:32:54 -0700 

     [ 
https://issues.apache.org/jira/browse/SHIRO-175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kalle Korhonen resolved SHIRO-175.
----------------------------------

    Fix Version/s: 1.1.0
       Resolution: Fixed

There are several slight changes implemented as part of this issue:
- All annotations can now be applied to classes as well 
(@Target(ElementType.TYPE)) in addition to methods
- There's a new Logical annotation parameter that can be used to indicate the 
desired logic for processing multiple values for RequiresXXX annotations
- added Subject.checkRoles(String... roles) for completeness (compare to 
checkPermissions(...) ). I don't like this last part too much as multiple 
checkXXX operations make the API convoluted and the decision logic for 
processing them asymmetric (some exceptions are thrown from handlers whereas 
others are thrown from Authorizer). Closing the issue for now but re-open with 
comments or open new issues as needed.

> Improve Set of permission and role checks
> -----------------------------------------
>
>                 Key: SHIRO-175
>                 URL: https://issues.apache.org/jira/browse/SHIRO-175
>             Project: Shiro
>          Issue Type: Improvement
>          Components: Authorization (access control) 
>            Reporter: Pierce Wetter
>            Assignee: Kalle Korhonen
>             Fix For: 1.1.0
>
>
> Both the shiro tag library and tapestry-security have seen fit to extend the 
> permissions and role checks. It would be nice to have a complete set of 
> annotations and permissions checks as follows:
> Right now, Shiro supports:
>  @RequiresRoles(String)
>  @RequiresPermissions(String)
> These have the additionally issue that multiple values are separated by 
> commas, which conflicts with commas in the permission strings.
>  I would like to suggest the following more complete, and specific set:
>  @RequiresAllRoles(String[] )  <-- same as current RequiresRoles, except the 
> AND is specified, and the roles can be done via:
>  @RequiresAllRoles( {"role1", "role2"} )
>  @RequiresAnyRoles(String[] )   <--- the OR version, runs if any role is 
> implied. 
>  @RequiresAllPermissions(String[] )
>  @RequiresAnyPermissions(String[] )
>  SecurityCheck(allRoles, anyRoles, allPermissions, anyPermissions)  <--- all 
> in one with one annotation

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to