Instead of having one really big permission string (project:p1,p2,p3,p4,p5:read), think of having a bunch of small ones (project:p1:read, project:p2:read, etc), then just add or remove them from the roles as needed.
On Fri, Aug 19, 2016 at 2:25 PM, chambrenoire <[email protected]> wrote: > Thanks! > > I have looked at the doc and I must admit I haven't quite fully digested > Wildcard permissions yet! > > I was thinking of steering clear of instance permissions for the moment as > I'm not entirely sure how to implement them without ending up with colossal > permission strings for each user role. Plus I already manage user > entity > associations in my app so this would presumably replace that... Still pretty > hazy! > > CN > > > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Structuring-roles-and-permissions-tp7581233p7581235.html > Sent from the Shiro User mailing list archive at Nabble.com.
