Rollczi
commented
2 months ago You must need all required permissions.
Open CarmJos opened 2 months ago
Rollczi
commented
2 months ago You must need all required permissions.
CarmJos
commented
2 months ago Is there any way to achieve this requirement?
Rollczi
commented
2 months ago No, but you can implement validator on your own.
CarmJos
commented
2 months ago I think this feature is quite common, and since this annotation is "Repeatable", it should support "or" judgment.
Otherwise, just write all permissions in a single annotation and it's over.
Rollczi
commented
2 months ago I think this feature is quite common, and since this annotation is "Repeatable", it should support "or" judgment.
Otherwise, just write all permissions in a single annotation and it's over.
This change in the behavior of the @Permission annotation may affect the security of other projects.
KermanIsPretty
commented
2 months ago I think it would be to just let the user implement a OrPermission annotation if they require this functionality.
CarmJos
commented
2 months ago I think it would be to just let the user implement a OrPermission annotation if they require this functionality.
This is what I am thinking about, too. But since @Permission has been marked as "Repeatable", why not directly mark different permission sets with different @Permission to determine whether the user meets one of them.
I expect that one instruction supports multiple different permissions, and the user only needs to have one set of permissions to execute the corresponding instruction.
It seems like
And I saw the
@Permissionis "Repeatable" annotation, but I just tested with 2 seperated@Permissionfor different permissions, also need to have all of them. It's that a mistake?