Hi Ahmed, I am at the start of my journey using Shiro and do not yet have any production code using it. I am planning on passing back the permissions to the browser so that the browser can also check them (This would probably be easier using the jsp tags but we are not).
Regards, Stuart On Fri, Aug 2, 2013 at 1:47 PM, akhan <[email protected]> wrote: > Hi Richard/Stuart, > > Since I have been looking at something similar but with support for groups > (in addition to users and roles) and came up with a database model to store > all the authorization information Database Model Question > < > http://stackoverflow.com/questions/17914671/database-model-for-authorization > > > . Now I am looking at developing a custom implementation of Shiro > PermissionResolver to fit with my model. > > I however, haven't had much progress on how to go about it the best > approach > of introducing groups. Also a question for you both is do you also use > Shiro > for filtering/authorizing the data accessible to users for VIEWING i.e. if > there is a HTML drop down listing all the items the current user has access > to - do you use parameterized SQL query of your Shiro permissions to filter > out the items that should be in the drop down list. > > Cheers > Ahmed > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Best-Permission-Structure-e-g-User-departments-tp7578991p7578999.html > Sent from the Shiro User mailing list archive at Nabble.com. >
