开发者

Shiro permission string has denied feature?

I use shiro plugin for grails and allow user to add permission at runtime. My controller has many actions such as index,list,edit,create,save,update,search,delete .... Suppose that controller name is "foo" The permission string for simple foo controller is foo:* means everybody which has this permission can access all actions of foo controller. but if I want to deny only delete actions I must compose the permission string like this foo:index,list,edit,create,save,update,search This work out but the permission string is very long, if my controller has the actions more than开发者_开发技巧 this. It would be better if there are the syntax like this foo:[delete] add square bracket or something like that to deny only delete action but allow the rest.

Thank you in advance.


You could subclass the WildCardPermission class. Then you override the implies-method and implement your own "deny-only" permission logic.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜