Hi All, Currently, there are two permissions - read and write, and there is no way to know the current operation being performed such as add, update, etc. If the operation is 'add', as the user is already logged into the system, I would like to authorize the user for the resource going to add. I think it is a valid use case, as the creator of a resource implicitly need to have the authority to access it.
Current method public EnumSet<Permission> authorize(AuthenticatedUser user, List<Object> resource); Purposed method ission> authorize(AuthenticatedUser user, List<Object> resource, Action action); // Action is a enum and can be 'add', 'update', 'delete', etc. WDYT? Thanks, Indika
