I have been trying to map my use case using the shiro but couldn't found the best solution.
Database structure. User table- user1, user2 ....userN roles table - admin, user, collab permission table : grantall, viewEntiy:,userid,attributename,relationshipname Entity : Document can be an entity, its attribute could be name, lastupdated, createdby.... Lets say 'user1' created the document called "mydocument" and 'User2 and user3' are friends of "user1" (role: collab). Now User1 wants to hide some attribute (createby, lastupdated) from his friends. To achieve above use case I tried using instance level permission but what I found that my permission table is growing whenever "user1" added any news friends. I have been reading the API document and articles on jsecurity but couldnt came across to any good solution. Would be great help if anyone can point me to the correct link where I can read up on this. -Thanks, Santosh -- View this message in context: http://n2.nabble.com/Instance-level-permission-for-collabrator-tp3347857p3347857.html Sent from the Shiro User mailing list archive at Nabble.com.
