Uploaded image for project: 'Shiro'
  1. Shiro
  2. SHIRO-331

The Spring ACL has a cool feature that allow you to evaluate any SpEL when doing Authorization check using annotation. This is a feature that allow doing the same with shiro.

    XMLWordPrintableJSON

Details

    Description

      On Spring ACL you can annotate a function with something like this:

      @PreAuthorize("hasAnyRole('ROLE_SUPER_USER','ROLE_ SYSTEM_ADMIN') and hasPermission(#id, 'com.xyz.db.domain.impl.XyzConfigImpl', 'read')")

      Note the evaluation of a method, the use of logic operators, the ability t use the parameters passed to the method.
      This is a neccessary feature for doing any ACL like control check from an annotation because otherwise you're obliged to do the check your self from inside the method body.

      Attachments

        Activity

          People

            Unassigned Unassigned
            exilire2vie DIALLO Mamadou BObo
            Votes:
            3 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:

              Time Tracking

                Estimated:
                Original Estimate - 12h
                12h
                Remaining:
                Remaining Estimate - 12h
                12h
                Logged:
                Time Spent - Not Specified
                Not Specified