I have a User who has the permission "project:create". This means
they can create new Project entities in the system.
I display a list of Projects to this user. If the user has the
"project:edit:project_id" permission, an edit button appears next to
the project name. Same for "project:delete:project_id" with a delete
button.
So when the user creates a new project, I want to immediately add the
permissions "project:edit:project_id" and "project:delete:project_id"
to the user. This is so that when the page refreshes after adding a
project, they see a revised list of projects that includes the new
project with the edit and delete buttons. Right now, they see the
project, but can't edit or delete it.
How do I do this? I've already modified my User.permissions entities
and persisted it to my datastore. So the next time they login, they
will have the right permissions. I've tested logging out and back in,
and it shows the edit and delete buttons.
I first thought to look in SecurityUtils.getSubject(), but it only
provides read methods, nothing to change the permissions.
Then I thought that I should just re-authorize them somehow --
basically get my Realm.doGetAuthorizationInfo method to run again,
which would reload their permissions based on the User.permissions
data in the datastore. But I'm not sure how to go about doing this.
Here is my Realm code if it helps:
protected AuthorizationInfo
doGetAuthorizationInfo(PrincipalCollection principals) {
Long memberId = (Long)
principals.fromRealm(getName()).iterator().next();
Member member = memberService.getMember(memberId);
if (member != null) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
for (Role role : member.getRoles()) {
info.addRole(role.getName());
for (Permission perm : role.getPermissions()) {
info.addStringPermission(perm.getPermissionString());
}
}
for (Permission perm : member.getPermissions()) {
info.addStringPermission(perm.getPermissionString());
}
return info;
} else {
return null;
}
}
Can anyone help? Thanks in advance!
Tauren
