I posted this to the grails list, so my apologies if that constitutes a
cross post.
I'm pretty sure this is a bug...
I'm using grails 1.1.2 and Grails Shiro plugin 1.0.1.
In my Bootstrap.goovy I'm hardcoding several Roles and Users with
permissions, but I can't define the Role permission with the same
granularity as I can when I apply the permission to the User.
That is,
adminRoleDAC1Proj.addToPermissions("project:index,list,show:1,2") // doesn't
work
but
userLoser2.addToPermissions("project:index,list,show:1,3") // this works
just fine
What happens is the person assigned the role does not have access to the
domain objects corresponding to the permissions
"project:index,list,show:1,2" for example, but if I
apply the same permissions string to a User it works.
class BootStrap {
...
// Administrator role for proj DAC1.
def adminRoleDAC1Proj = new ShiroRole(name: "AdminDAC1")
// adminRoleDAC1Proj.addToPermissions("project:index,list,show:1,2")
// doesn't work
// adminRoleDAC1Proj.addToPermissions("project:index,list,show")
// works
adminRoleDAC1Proj.addToPermissions("project:*:1,2") // doesn't work
adminRoleDAC1Proj = thangValidator(adminRoleDAC1Proj)
// User loser who can see some report
def userLoser2 = new ShiroUser(username: "loser2", passwordHash: new
Sha1Hash("password").toHex())
userLoser2.addToRoles(userRole)
userLoser2.addToPermissions("project:index,list,show:1,3") // this
works just fine
userLoser2 = thangValidator(userLoser2)
}
--
- Ed
