I am working on a system that will store records in a database and I would like to manage the access of these records using Shiro. The user will determine the access when the record is created (User Read/Write, Group Read/Write, World Read/Write). The group information is coming from roles that are already defined in LDAP and I can obtain.
So I want to set the security permission, for instance record:UserOnlyReadWrite, when the record is created and then when a user comes along and tries to access this record I can use Shiro to determine if the user has access. In this case another user would not. Is this something that is feasible with Shiro? If so, are there use cases for this or supporting documentation I can follow?
