[Adding Thanuja] *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware
On Fri, Aug 12, 2016 at 10:26 AM, Vinod Kavinda <vi...@wso2.com> wrote: > Hi Jayanga, > I'm trying to authorize the current user with a particular action. I have > used the following code snippet, Is this correct? > > public static boolean isUserAuthorized(String resource, String action) { > CarbonPermission carbonPermission = new CarbonPermission(resource, > action); > return ((CarbonPrincipal) PrivilegedCarbonContext.getCurrentContext(). > getUserPrincipal()) > .isAuthorized(carbonPermission); > } > > Further, how do we define a set of Resources and Actions for them? Any > documentation on this? > > Regards, > Vinod > > On Wed, Aug 10, 2016 at 10:46 PM, Jayanga Kaushalya <jayan...@wso2.com> > wrote: > >> Hi Prabushi, >> >> Actually there will be no permissions that directly assigned to the user. >> All permissions are assigned through roles. By calling the above method in >> user will indirectly get all permissions through roles which are assigned >> to that particular user. If you need to get permissions for specific role, >> then you can use the same method in role. >> >> Thanks! >> >> *Jayanga Kaushalya* >> Software Engineer >> Mobile: +94777860160 >> WSO2 Inc. | http://wso2.com >> lean.enterprise.middleware >> >> On Wed, Aug 10, 2016 at 10:31 PM, Prabushi Samarakoon <prabus...@wso2.com >> > wrote: >> >>> Hi, >>> >>> Thank you for the clarifications Darshana and Jayanga. >>> >>> On Wed, Aug 10, 2016 at 8:08 PM, Jayanga Kaushalya <jayan...@wso2.com> >>> wrote: >>> >>>> On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon < >>>> prabus...@wso2.com> wrote: >>>> >>>>> >>>>> Hi All, >>>>> >>>>> 1. Is there an API method to get all the resources permitted to a >>>>> particular user or a role? >>>>> >>>> >>>> Yes. You can use the method getPermissions(Action action) [1] in User >>>> to retrieve all the permissions assigned to that particular user filtered >>>> by the action. Permission is a resource + action. So permissions filtered >>>> by the action is a list of permitted resources. >>>> >>> >>> Ah great, now I understood that part. Can we use the same way for a >>> role also? But in that case we might get duplicates of the resources right? >>> >>>> >>>>> 2. With this permission model, are we going to introduce the email >>>>> based authentication for the products, or remain with the username model? >>>>> >>>>> 3. In our current management console, we have one view to create the >>>>> user, and another view to create the user profile according to the given >>>>> http://wso2.org/claims. Is there a particular reason to have the user >>>>> profile in a separate view? Do we need to have two views for user creation >>>>> and profile in C5 model also? >>>>> >>>>> Any clarification on above matters is appreciated. >>>>> >>>>> Thanks and Regards, >>>>> Prabushi >>>>> >>>>> -- >>>>> *Prabushi Samarakoon* >>>>> Software Engineer >>>>> Mobile: +94715434580 >>>>> Email: prabus...@wso2.com >>>>> >>>> >>>> [1] https://github.com/wso2/carbon-security/blob/master/comp >>>> onents/org.wso2.carbon.security.caas/src/main/java/org/wso2/ >>>> carbon/security/caas/user/core/bean/User.java#L188 >>>> >>>> Thanks! >>>> >>> >>> >>> Thanks and Regards. >>> -- >>> *Prabushi Samarakoon* >>> Software Engineer >>> Mobile: +94715434580 >>> Email: prabus...@wso2.com >>> >> >> >> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Vinod Kavinda > Software Engineer > *WSO2 Inc. - lean . enterprise . middleware <http://www.wso2.com>.* > Mobile : +94 (0) 712 415544 > Blog : http://soatechflicks.blogspot.com/ > [image: http://wso2.com/signature] > <http://wso2.com/signature> > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev