Re: Checking validity of wildcard permissions

Mon, 21 May 2012 11:27:33 -0700 

Paulo's solution is probably the best if you want to be type-safe and
still use WildcardPermission strings.

But don't forget that these strings are convenience notations for
actual Permission instances (WildcardPermission).  If you want to be
fully type-safe with all the OO features you might need, you can
implement the Permission interface directly:

UserPermission
PrinterPermission
FilePermission
etc
etc

and have type-safe actions as enums:

public enum FileAction {
    OPEN,
    DELETE,
    APPEND,
    ...
}

new FilePermission(FileAction.DELETE);

The Permission instances themselves can also be represented as an Enum
(Permission.OPEN_FILE == new FilePermission(FileAction.OPEN));

Aside from having a nice concrete set of type-safe behaviors (great
for compile-time error checking, etc), the other big benefit of this
approach is speed - these implementations will naturally be faster
than something based on String tokenizing/parsing.  This can be a big
deal if you have a lot of permissions and/or a lot of permission
checks.

HTH,

--
Les Hazlewood
CTO, Stormpath | http://stormpath.com | 888.391.5282
twitter: @lhazlewood | http://twitter.com/lhazlewood
blog: http://leshazlewood.com
stormpath blog: http://www.stormpath.com/blog

On Sun, May 20, 2012 at 12:51 PM, John Moore <[email protected]> wrote:
> I'm using wildcard permissions in a Grails application I'm working on, and
> there is something which has been bothering me in terms of code robustness,
> so I'm interested in hearing how others deal with this - it may not be a
> problem at all. The question is this - if we're using simple strings, with
> no compile time checking, what can we do to avoid problems from mistyping
> permissions? That is, when you test in your application whether the subject
> has permission to do something, e.g.,
>
> if ( SecurityUtils.getSubject().isPermitted("printer:query:lp7200") {
>  //do something
> }
>
> how do you know that that what you are checking for is a valid permission?
> For example, the user may actually have been assigned the permission
> "printing:query:lp7200" (i.e., "printing" not "printer"), so this test would
> return false. It strikes me as something of a potential minefield for
> errors. Is there some good way of making sure checked-for permissions match
> assigned permissions? Or is this just something you have to put lots of
> testing code in for?

Reply via email to