Page Comparison

interface PermissionsService {
  Set<Permission> getPermissionsForUser(String userId, boolean includeTransitive);
  Permission addPermission(Permission permission);
  void updatePermission(Permission permission);
  void removePermission(Permission permissions);
  Set<Permission> getPermissionsForObject(ObjectType type, String id);
  
  /** Spring security will need a very focused method to check, for a 
    * given user and a given object, does the user have any of the required 
    * roles to perform the request. This method can fudge things like 
    * app-scoped permissions, too.
    */
  boolean isAuthorized(AccountId accountId, ObjectType type, String objectId, Role... roles);
}