I am developing a small Java project with rest service and Apache Shiro. One requirement is that an authenticated user can view everyone's profile but can only edit its own profile. Can I implement using Permission and how?
Asked
Active
Viewed 33 times
1 Answers
0
Take a look at the Wildcard permission doc: https://shiro.apache.org/permissions.html
Brian Demers
- 2,051
- 1
- 9
- 12
-
"They do not describe WHO can perform the actions". It seems permission is not the way to go. – Chenxi May 13 '19 at 15:40