I'm trying to simplify a complex set of rules, I'm going to use the example
of schools/districts/courses/assignments... here's my swing at it:
Districts, Schools, Courses and Assignments
Administrators, Teachers and Students
Scenario #1 - I am an administrator, I can create Schools for my district, I
can create Courses for my district
Scenario #2 - I am a teacher, I can create courses for my school
Scenario #3 - I am a student I can view my assignments
Scenario #4 - I am a consultant, I can view all assignments in a district
regardless of school
Scenario #5 - I am a principal, I can do whatever I want in my School
Scenario #6 - I am a substitute, I can assign students in courses I have
Here's my problem...
Technically speaking Scenario #3 could look like this "assignment:23:view"
But that conflicts with Scenario #4
Is it best to have a full chain like I am describing? Is this using Shiro
Any help would be appreciated, I don't want to go down this road and then
have someone else come by it in 5 years and put it on DailyWTF :)
View this message in context: http://shiro-developer.582600.n2.nabble.com/hierarchical-data-tp6375796p6375796.html
Sent from the Shiro Developer mailing list archive at Nabble.com.