[Adding Thanuja]
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Fri, Aug 12, 2016 at 10:26 AM, Vinod Kavinda <vi...@wso2.com> wrote:
> Hi Jayanga,
> I'm trying to authorize the current user with a particular action. I have
> used the following code snippet, Is this correct?
>
> public static boolean isUserAuthorized(String resource, String action) {
> CarbonPermission carbonPermission = new CarbonPermission(resource,
> action);
> return ((CarbonPrincipal) PrivilegedCarbonContext.getCurrentContext().
> getUserPrincipal())
> .isAuthorized(carbonPermission);
> }
>
> Further, how do we define a set of Resources and Actions for them? Any
> documentation on this?
>
> Regards,
> Vinod
>
> On Wed, Aug 10, 2016 at 10:46 PM, Jayanga Kaushalya <jayan...@wso2.com>
> wrote:
>
>> Hi Prabushi,
>>
>> Actually there will be no permissions that directly assigned to the user.
>> All permissions are assigned through roles. By calling the above method in
>> user will indirectly get all permissions through roles which are assigned
>> to that particular user. If you need to get permissions for specific role,
>> then you can use the same method in role.
>>
>> Thanks!
>>
>> *Jayanga Kaushalya*
>> Software Engineer
>> Mobile: +94777860160
>> WSO2 Inc. | http://wso2.com
>> lean.enterprise.middleware
>>
>> On Wed, Aug 10, 2016 at 10:31 PM, Prabushi Samarakoon <prabus...@wso2.com
>> > wrote:
>>
>>> Hi,
>>>
>>> Thank you for the clarifications Darshana and Jayanga.
>>>
>>> On Wed, Aug 10, 2016 at 8:08 PM, Jayanga Kaushalya <jayan...@wso2.com>
>>> wrote:
>>>
>>>> On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon <
>>>> prabus...@wso2.com> wrote:
>>>>
>>>>>
>>>>> Hi All,
>>>>>
>>>>> 1. Is there an API method to get all the resources permitted to a
>>>>> particular user or a role?
>>>>>
>>>>
>>>> Yes. You can use the method getPermissions(Action action) [1] in User
>>>> to retrieve all the permissions assigned to that particular user filtered
>>>> by the action. Permission is a resource + action. So permissions filtered
>>>> by the action is a list of permitted resources.
>>>>
>>>
>>> Ah great, now I understood that part. Can we use the same way for a
>>> role also? But in that case we might get duplicates of the resources right?
>>>
>>>>
>>>>> 2. With this permission model, are we going to introduce the email
>>>>> based authentication for the products, or remain with the username model?
>>>>>
>>>>> 3. In our current management console, we have one view to create the
>>>>> user, and another view to create the user profile according to the given
>>>>> http://wso2.org/claims. Is there a particular reason to have the user
>>>>> profile in a separate view? Do we need to have two views for user creation
>>>>> and profile in C5 model also?
>>>>>
>>>>> Any clarification on above matters is appreciated.
>>>>>
>>>>> Thanks and Regards,
>>>>> Prabushi
>>>>>
>>>>> --
>>>>> *Prabushi Samarakoon*
>>>>> Software Engineer
>>>>> Mobile: +94715434580
>>>>> Email: prabus...@wso2.com
>>>>>
>>>>
>>>> [1] https://github.com/wso2/carbon-security/blob/master/comp
>>>> onents/org.wso2.carbon.security.caas/src/main/java/org/wso2/
>>>> carbon/security/caas/user/core/bean/User.java#L188
>>>>
>>>> Thanks!
>>>>
>>>
>>>
>>> Thanks and Regards.
>>> --
>>> *Prabushi Samarakoon*
>>> Software Engineer
>>> Mobile: +94715434580
>>> Email: prabus...@wso2.com
>>>
>>
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Vinod Kavinda
> Software Engineer
> *WSO2 Inc. - lean . enterprise . middleware <http://www.wso2.com>.*
> Mobile : +94 (0) 712 415544
> Blog : http://soatechflicks.blogspot.com/
> [image: http://wso2.com/signature]
> <http://wso2.com/signature>
>
>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
