Security Bug: restrictions do not support multiple roles per restriction

Details

Type: New Feature
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.0.0
Fix Version/s: 1.1.0
Component/s: None
Labels:
None

Description

Believed to be a limitation of our annotation...

Should parse one of these formats...

@Security(restrictions = { @Restriction(restrictionType = RestrictionType.UPDATE, requiredRole = "ROLE_ANONYMOUS"), @Restriction(restrictionType = RestrictionType.REMOVE, requiredRole = "ROLE_ANONYMOUS"), @Restriction(restrictionType = RestrictionType.VIEW, requiredRole = "ROLE_ANONYMOUS"), @Restriction(restrictionType = RestrictionType.UPDATE, requiredRole = "ROLE_USER"), @Restriction(restrictionType = RestrictionType.REMOVE, requiredRole = "ROLE_USER"), @Restriction(restrictionType = RestrictionType.VIEW, requiredRole = "ROLE_USER"), @Restriction(restrictionType = RestrictionType.UPDATE, requiredRole = "ROLE_MANAGER"), @Restriction(restrictionType = RestrictionType.REMOVE, requiredRole = "ROLE_MANAGER"), @Restriction(restrictionType = RestrictionType.VIEW, requiredRole = "ROLE_MANAGER") })

@Security(restrictions = { @Restriction(restrictionType = RestrictionType.UPDATE, requiredRole = "ROLE_ANONYMOUS,ROLE_USER,ROLE_MANAGER"), @Restriction(restrictionType = RestrictionType.REMOVE, requiredRole = "ROLE_ANONYMOUS,ROLE_USER,ROLE_MANAGER"), @Restriction(restrictionType = RestrictionType.VIEW, requiredRole = "ROLE_ANONYMOUS,ROLE_USER,ROLE_MANAGER") })

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Alejandro Scandroli added a comment - 31/May/07 5:04 PM

Is this a bug, or a new feature?

Show

Alejandro Scandroli added a comment - 31/May/07 5:04 PM Is this a bug, or a new feature?

Hide

Permalink

Kalle Korhonen added a comment - 31/May/07 5:32 PM

A new feature... also I lowered the priority.

Show

Kalle Korhonen added a comment - 31/May/07 5:32 PM A new feature... also I lowered the priority.

Hide

Permalink

Kalle Korhonen added a comment - 14/Jun/07 9:12 PM

New security syntax now support multiple roles, for example:
@ViewRequiresRole({"ROLE_MANAGER", "ROLE_ROOT"} )
Working in 1.1-SNAPSHOT

Show

Kalle Korhonen added a comment - 14/Jun/07 9:12 PM New security syntax now support multiple roles, for example: @ViewRequiresRole({"ROLE_MANAGER", "ROLE_ROOT"} ) Working in 1.1-SNAPSHOT

People

Assignee:

Kalle Korhonen

Reporter:

Ken in nashua

Vote (0)

Watch (0)

Dates

Created:

31/May/07 2:33 PM

Updated:

07/Apr/08 11:34 AM

Resolved:

14/Jun/07 9:12 PM