tags:

views:

32

answers:

1

I use shiro plugin for grails and allow user to add permission at runtime. My controller has many actions such as index,list,edit,create,save,update,search,delete .... Suppose that controller name is "foo" The permission string for simple foo controller is foo:* means everybody which has this permission can access all actions of foo controller. but if I want to deny only delete actions I must compose the permission string like this foo:index,list,edit,create,save,update,search This work out but the permission string is very long, if my controller has the actions more than this. It would be better if there are the syntax like this foo:[delete] add square bracket or something like that to deny only delete action but allow the rest.

Thank you in advance.

A: 

You could subclass the WildCardPermission class. Then you override the implies-method and implement your own "deny-only" permission logic.

eiden