org.apache.shiro.authz.annotation
Annotation Type RequiresPermissions


@Target(value={TYPE,METHOD})
@Retention(value=RUNTIME)
public @interface RequiresPermissions

Requires the current executor's Subject to imply a particular permission in order to execute the annotated method. If the executor's associated Subject determines that the executor does not imply the specified permission, the method will not be executed.

For example, this declaration:

@RequiresPermissions( {"file:read", "write:aFile.txt"} )
void someMethod();

indicates the current user must be able to both read and write to the file aFile.txt in order for the someMethod() to execute, otherwise an AuthorizationException will be thrown.

Since:
0.1
See Also:
Subject.checkPermission(java.lang.String)

Required Element Summary
 String[] value
          The permission string which will be passed to Subject.isPermitted(String) to determine if the user is allowed to invoke the code protected by this annotation.
 
Optional Element Summary
 Logical logical
          The logical operation for the permission checks in case multiple roles are specified.
 

Element Detail

value

public abstract String[] value
The permission string which will be passed to Subject.isPermitted(String) to determine if the user is allowed to invoke the code protected by this annotation.

logical

public abstract Logical logical
The logical operation for the permission checks in case multiple roles are specified. AND is the default

Since:
1.1.0
Default:
org.apache.shiro.authz.annotation.Logical.AND


Copyright © 2004-2014 The Apache Software Foundation. All Rights Reserved.