Hello,
I am using Shiro for the server side of a GWT application. I did not find a
clear explanation in the documentation about instance permission handling.
My permissions are stored in a database, with a users_roles table and a
roles_permissions table.
The doc says that we can use instance-level permissions
("item:delete:13") with the WildcardPermission default system, where 13 is
the ID of the item.
Now, my question is:
1 - How to associate levels to permissions? Do I have to store the
permission name + the level (edit, create, delete, ...) in the
roles_permissions table?
Example:
admin | item:create
admin | item:delete
admin | item:edit
2 - How to set up the instance access?
If I grant access to everything, I suppose that I could do something like
this (if the previous example is correct):
admin | item:create:*
admin | item:delete:*
admin | item:edit:*
But if I only want to grant edit access on an item to users that have
created this item, how can I do that? I suppose that there should be a method
to overload somewhere but I am a bit lost.
Thanks,
Nicolas.
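
An added example, not part of the original post: one way to combine role-level strings such as "item:edit:*" with per-owner instance strings such as "item:edit:13", using Shiro's SimpleAuthorizationInfo and WildcardPermission. The class name, the two maps (constructed sample data standing in for the roles_permissions table and an ownership lookup), the "author" role and the user names are assumptions.

```java
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.authz.permission.WildcardPermission;
import java.util.List;
import java.util.Map;

public class InstancePermissionDemo {
    // Constructed rows standing in for the roles_permissions table.
    static final Map<String, List<String>> ROLE_PERMISSIONS = Map.of(
        "admin", List.of("item:create", "item:edit:*", "item:delete:*"),
        "author", List.of("item:create"));

    // Constructed ownership data (hypothetical): ids of the items each user created.
    static final Map<String, List<Long>> ITEMS_CREATED_BY =
        Map.of("nicolas", List.of(13L, 27L));

    // What a custom realm's doGetAuthorizationInfo could build for one user:
    // the role's permission strings plus one instance permission per owned item.
    static SimpleAuthorizationInfo authorizationFor(String user, String role) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addRole(role);
        info.addStringPermissions(ROLE_PERMISSIONS.getOrDefault(role, List.of()));
        for (Long id : ITEMS_CREATED_BY.getOrDefault(user, List.of())) {
            info.addStringPermission("item:edit:" + id);
        }
        return info;
    }

    // Same comparison Shiro performs: a granted permission must imply the requested one.
    static boolean isPermitted(SimpleAuthorizationInfo info, String requested) {
        WildcardPermission wanted = new WildcardPermission(requested);
        return info.getStringPermissions().stream()
            .map(WildcardPermission::new)
            .anyMatch(granted -> granted.implies(wanted));
    }

    public static void main(String[] args) {
        SimpleAuthorizationInfo admin = authorizationFor("root", "admin");
        SimpleAuthorizationInfo author = authorizationFor("nicolas", "author");
        // Role-level wildcard: covers any item id.
        System.out.println("admin  item:edit:99   " + isPermitted(admin, "item:edit:99"));
        // Owner-only grants: an owned id, then an id the user did not create.
        System.out.println("author item:edit:13   " + isPermitted(author, "item:edit:13"));
        System.out.println("author item:edit:14   " + isPermitted(author, "item:edit:14"));
        // Edit rights on an item do not carry over to other actions on it.
        System.out.println("author item:delete:13 " + isPermitted(author, "item:delete:13"));
        // Always check with the instance id; the bare action is a broader request.
        System.out.println("author item:edit      " + isPermitted(author, "item:edit"));
    }
}
```

If the realm caches authorization info, the cached entry for a user has to be cleared when that user creates an item, otherwise the new "item:edit:<id>" grant is not seen until the cache expires.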