Our intention was that if you wanted to add another permission like "update" (a subset of "write") then you would return it from the method as part of the EnumSet<Permission> for that resource. I would see how much trouble it would be to add a new Permission value for "update".
Note that Cassandra itself doesn't make a distinction between "update" and "add", because we don't (and probably can't, without locking?) look for an existing value while doing an insert. This would probably be a larger patch than you think. On Mon, Jan 31, 2011 at 1:54 AM, indika kumara <ind...@apache.org> wrote: > Hi All, > > Currently, there are two permissions - read and write, and there is no way > to know the current operation being performed such as add, update, etc. If > the operation is 'add', as the user is already logged into the system, I > would like to authorize the user for the resource going to add. I think it > is a valid use case, as the creator of a resource implicitly need to have > the authority to access it. > > Current method > > public EnumSet<Permission> authorize(AuthenticatedUser user, List<Object> > resource); > > Purposed method > > ission> authorize(AuthenticatedUser user, List<Object> resource, Action > action); // Action is a enum and can be 'add', 'update', 'delete', etc. > > WDYT? > > Thanks, > > Indika >