html5 shiro shiro:hasAnyPermissions tags question

[wuwei0727]

Hello! I'm using HTML5 and using shiro tags. Regarding shiro:hasAnyPermissions specifying multiple permissions, I have many permissions in my name, so it seems inappropriate to write them all in the name! Is there anything that can be optimized?
maven:
<dependency> <groupId>com.github.theborakompanioni</groupId> <artifactId>thymeleaf-extras-shiro</artifactId> <version>2.0.0</version> </dependency>

<shiro:hasAnyPermissions name="park:add,park:del,park:edit,park:see,vipParingSpace:add,vipParingSpace:del,vipParingSpace:edit,vipParingSpace:see,vipArea:add,vipArea:del,vipArea:edit,vipArea:see,placeVideoDetection:add,placeVideoDetection:del,placeVideoDetection:edit,placeVideoDetection:see,recommConfig:add,recommConfig:del,recommConfig:edit,recommConfig:see,placeExit:add,placeExit:del,placeExit:edit,placeExit:see,mapPathLabel:add,mapPathLabel:del,mapPathLabel:edit,mapPathLabel:see,company:add,company:del,company:edit,company:see, "> You can create or delete users. </shiro:hasAnyPermissions>

[theborakompanioni]

Hey @wuwei0727, please excuse the long delay : /

It seems it is more appropriate to assign these permissions to a role and use hasRole. What do you think?

[wuwei0727]

I'm very sorry about this! The project design doesn't have roles, only what permissions users have. Is there any other solution?

Hey @wuwei0727, please excuse the long delay : /

It seems it is more appropriate to assign these permissions to a role and use hasRole. What do you think?

[theborakompanioni]

Hey @wuwei0727!

Thanks for the follow-up! Your original question was:

Is there anything that can be optimized?

I can not really provide an answer, as I do not know what you are trying to achieve..
What do you think can an "optimized" version look like?

I'd generally say that this amount of permissions looks very odd.. and might indicate some improvement possibilities. If you can, break it down to their individual responsibilities, e.g.

<shiro:hasAnyPermissions name="park:add,park:del,park:edit,park:see">You can create or delete parks.</shiro:hasAnyPermissions>

<shiro:hasAnyPermissions name="company:add,company:del,company:edit,company:see">You can create or delete companies.</shiro:hasAnyPermissions>

etc.

or even further:

<shiro:hasAnyPermissions name="company:add">You can add companies.</shiro:hasAnyPermissions>
<shiro:hasAnyPermissions name="company:del">You can delete companies.</shiro:hasAnyPermissions>
<shiro:hasAnyPermissions name="company:edit">You can edit companies.</shiro:hasAnyPermissions>
<shiro:hasAnyPermissions name="company:see">You can see companies.</shiro:hasAnyPermissions>

e.g. does it make sense to be able to create companies, but not see them?

Other than that, I think I'd need to know more about what you are trying to do, i.e. what is the element you are decorating?

[wuwei0727]

Hello, I'm very sorry, I couldn't express what I meant. Is there any other way to optimize this? Role-based won't work because the project doesn't have designed roles. Can I define a string in html or js. And then give a tag to read?

Similar to the picture：

This is just an idea of mine, do you have a better way?

New question: What is the maximum string limit for Shiro’s permission tag in HTML?

[theborakompanioni]

Hey @wuwei0727!

That won't work as the tags are evaluated on the server side.

This is just an idea of mine, do you have a better way?

As said, role based would be the better way.
However, if that is not possible for whatever reason, can't you do the same thing you tried on the backend? That is, assign the value to a variable and use it while rendering/evaluating the tag?

New question: What is the maximum string limit for Shiro’s permission tag in HTML?

I don't know. Sorry.

Just a reminder that you can easily provide the functionality you want via a pull request. All contributions and improvements are highly appreicated 🙏