[
https://issues.apache.org/jira/browse/SHIRO-492?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14203136#comment-14203136
]
Guillaume Leger commented on SHIRO-492:
---------------------------------------
To add on to what John is saying, it would be great to be able to do this with
a user's permission set as well.
Our users typically only have a few permissions. It doesn't make sense to
iterate through all of our system's data and check whether they have access to
each resource rather than simply load the ones they have permissions for.
> Subject.getRoles() functionality
> --------------------------------
>
> Key: SHIRO-492
> URL: https://issues.apache.org/jira/browse/SHIRO-492
> Project: Shiro
> Issue Type: Improvement
> Components: Authorization (access control)
> Reporter: John Vines
>
> Currently shiro provides the ability to respond whether or not a user has a
> list of Authorizations. However, while the realms have methods for getting
> all authorizations (protected), these are not exposed in normal use to allow
> asking for all Roles. This should be exposed by adding a call to Subject to
> getRoles, to complement it's existing hasRoles calls. This may require making
> some of the calls around authorizations, like getAuthorizationInfo in
> AuthorizingRealm, public.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
