[
https://issues.apache.org/jira/browse/ISIS-840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dan Haywood updated ISIS-840:
-----------------------------
Affects Version/s: core-1.5.0
> "Permission groups" for IsisPermission (custom security string for Shiro) not
> working as advertised.
> ----------------------------------------------------------------------------------------------------
>
> Key: ISIS-840
> URL: https://issues.apache.org/jira/browse/ISIS-840
> Project: Isis
> Issue Type: Bug
> Components: Core: Security: Shiro
> Affects Versions: core-1.5.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Fix For: core-1.6.0
>
>
> Per docs [1]
> user_role = !reg/org.estatio.api,\
> !reg/org.estatio.webapp.services.admin,\
> reg/* ;
> admin_role = adm/*
> then a user with both user_role and admin_role should have access to
> everything, because the two vetos in the "reg" group do not veto the
> permission provided in the "adm" group.
> ~~~
> Tracking this down showed the issue to be a reliance on equals()
> implementation in IsisPermission.
> [1]
> http://isis.apache.org/components/security/shiro/format-of-permissions.html
--
This message was sent by Atlassian JIRA
(v6.2#6252)
