On 7/29/11 10:30 PM, Manoj Khangaonkar wrote: > On Fri, Jul 29, 2011 at 2:17 PM, gcollins <[email protected]> wrote: >> Hello Manoj, >> >> Thank you very much for the response. >> >> To make sure I understand, rephrasing my problem to match your example: >> >> File:*:File1.doc >> File:r,w:File2.doc >> ...... and so on >> >> Check permission: >> Subject.hasPermission("File:r:File1.doc") ; >> >> My problem is that I may have File1 to File500000, yet the user only has >> access permissions: >> >> File:*:File10.doc >> File:*:File1561.doc >> File:*:File496713.doc >> >> I don't want to check through File1 to File500000 to find out which ones >> should immediately be displayed to the user. If I understand you correctly, >> if I want to avoid this onerous check, it would be outside the scope of what >> Shiro is trying to achieve. i.e. it doesn't make sense for Shiro to have a >> method: >> >> Collection<String> permissions = Subject.getPermissions("File:r:*"); >> >> to return me the list of files that the user can access. >> >> My understanding is correct? >> > Yes. Such a method currently does not exist. > > Whether Shiro should provide such a method is broader discussion. I'll > let Les & others comment on that. > > I can see such methods being useful. But at best, Shiro might be able > to add some search methods to the > Realm interfaces, but Realm implementor will still need to implement them.
To some extent, these methods already exist in the Realm interfaces. Every realm must implement doGetAuthorizationInfo. The returned AuthorizationInfo instance exposes permissions and roles. I am too new to Shiro to comment on the right separation of concerns here, but to solve the practical problem, you can just reuse the implementation of this method in whatever Realm you are using. Phil > > >> thanks in advance, >> Gareth >> >> -- >> View this message in context: >> http://shiro-user.582556.n2.nabble.com/Retrieving-The-List-Of-Permissions-Or-Roles-For-A-User-tp6634613p6635017.html >> Sent from the Shiro User mailing list archive at Nabble.com. >> > >
