Update SecurityIdentity to list owned Permissions and allow simpler permission checks

src/main/java/io/quarkus/security/identity/SecurityIdentity.java

@@ -6,6 +6,7 @@
 import java.util.Set;
 import java.util.concurrent.CompletionStage;
 
+import io.quarkus.security.StringPermission;
 import io.quarkus.security.credential.Credential;
 import io.smallrye.mutiny.Uni;
 
@@ -62,16 +63,21 @@ default <T extends Principal> T getPrincipal(Class<T> clazz) {
 
     /**
      * Checks if a user has a given role. These roles must be resolvable in advance for every request.
-     * <p>
-     * If more advanced authorization support is required than can be provided by a simple role based system
-     * then {@link #checkPermission(Permission)} and {@link #checkPermissionBlocking(Permission)} should be used
-     * instead.
-     * <p>
      *
      * @return <code>true</code> if the identity has the specified role.
      */
     boolean hasRole(String role);
 
+    /**
+     * Returns the set of all permissions held by the user. These permissions must be resolvable in advance for every request.
+     * <p>
+     * This set should either be unmodifiable, or a defensive copy so attempts to change the permission set do not modify
+     * the underlying identity.
+     *
+     * @return The set of all permissions held by the user
+     */
+    Set<Permission> getPermissions();
+
     /**
      * Gets the users credential of the given type, or <code>null</code> if a credential of the given type is not
      * present.
@@ -111,7 +117,7 @@ default <T extends Principal> T getPrincipal(Class<T> clazz) {
     Map<String, Object> getAttributes();
 
     /**
-     * Checks if a user holds a given permissions, and if so will return <code>true</code>.
+     * Checks if a user holds a given permission.
      * <p>
      * This method is asynchronous, as it may involve calls to a remote resource.
      *
@@ -121,7 +127,7 @@ default <T extends Principal> T getPrincipal(Class<T> clazz) {
     Uni<Boolean> checkPermission(Permission permission);
 
     /**
-     * Checks if a user holds a given permissions, and if so will return <code>true</code>.
+     * Checks if a user holds a given permission.
      * <p>
      * This method is a blocking version of {@link #checkPermission(Permission)}. By default it will
      * just wait for the {@link CompletionStage} to be complete, however it is likely that some implementations
@@ -133,4 +139,30 @@ default <T extends Principal> T getPrincipal(Class<T> clazz) {
     default boolean checkPermissionBlocking(Permission permission) {
         return checkPermission(permission).await().indefinitely();
     }
+
+    /**
+     * Checks if a user holds a given permission.
+     * <p>
+     * This method is asynchronous, as it may involve calls to a remote resource.
+     *
+     * @param permission The permission
+     * @return A completion stage that will resolve to true if the user has the specified permission
+     */
+    default Uni<Boolean> checkPermission(String permission) {
+    	return checkPermission(new StringPermission(permission));
+    }
+
+    /**
+     * Checks if a user holds a given permission.
+     * <p>
+     * This method is a blocking version of {@link #checkPermission(Permission)}. By default it will
+     * just wait for the {@link CompletionStage} to be complete, however it is likely that some implementations
+     * will want to provide a more efficient version.
+     *
+     * @param permission The permission
+     * @return A completion stage that will resolve to true if the user has the specified permission
+     */
+    default boolean checkPermissionBlocking(String permission) {
+        return checkPermission(permission).await().indefinitely();
+    }
 }