@CreatePermission(expression = "deny all") public String getCannotModify() { return cannotModify; }
/** * Get the calculated {@link CreatePermission} value for the field. * * @param clazz the entity class * @return the create permissions for an entity */ protected String getCreatePermission(Class<?> clazz) { CreatePermission classPermission = dictionary.getAnnotation(clazz, CreatePermission.class); if (classPermission != null) { return classPermission.expression(); } return null; }
/** * No Create test bean. */ @CreatePermission(expression = "deny all") @Include(rootLevel = true, type = "nocreate") // optional here because class has this name // Hibernate @Entity @Table(name = "nocreate") public class NoCreateEntity extends BaseId { }
/** * A model intended to be ONLY created and read, but never updated */ @Include(rootLevel = true) @Entity @CreatePermission(expression = "allow all") public class CreateButNoReadChild extends BaseId { private CreateButNoRead otherObject; @ManyToOne() @ReadPermission(expression = "allow all") public CreateButNoRead getOtherObject() { return otherObject; } public void setOtherObject(CreateButNoRead otherObject) { this.otherObject = otherObject; } }
/** * A model intended to be ONLY created and read, but never updated */ @Include(rootLevel = true) @Entity @CreatePermission(expression = "allow all") public class CreateButNoRead extends BaseId { private Set<CreateButNoReadChild> otherObjects; @OneToMany(fetch = FetchType.LAZY) @ReadPermission(expression = "noRead") public Set<CreateButNoReadChild> getOtherObjects() { return otherObjects; } public void setOtherObjects(Set<CreateButNoReadChild> otherObjects) { this.otherObjects = otherObjects; } public static class NOREAD extends OperationCheck<CreateButNoRead> { @Override public boolean ok(CreateButNoRead object, RequestScope requestScope, Optional<ChangeSpec> changeSpec) { return false; } } }
@ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @UpdatePermission(expression = "allow all") @Entity public class NotIncludedResource extends BaseId { private String someParams; public String getSomeParams() { return someParams; } public void setSomeParams(String someParams) { this.someParams = someParams; } }
/** * No Update test bean. */ @CreatePermission(expression = "allow all AND noCommit") @UpdatePermission(expression = "allow all AND noCommit") @Include(rootLevel = true, type = "nocommit") // Hibernate @Entity @Table(name = "nocommit") public class NoCommitEntity extends BaseId { static public class NoCommitCheck<T> extends CommitCheck<T> { @Override public boolean ok(T record, RequestScope requestScope, Optional<ChangeSpec> changeSpec) { return false; } } }
@CreatePermission(expression = "allow all") @ReadPermission(expression = "deny all") @Include(rootLevel = true) @Entity public class YetAnotherPermission extends BaseId { private String hiddenName; private String youShouldBeAbleToRead; public String getHiddenName() { return hiddenName; } public void setHiddenName(String hiddenName) { this.hiddenName = hiddenName; } @ReadPermission(expression = "allow all") public String getYouShouldBeAbleToRead() { return youShouldBeAbleToRead; } public void setYouShouldBeAbleToRead(String youShouldBeAbleToRead) { this.youShouldBeAbleToRead = youShouldBeAbleToRead; } }
@Include(rootLevel = true) @ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @UpdatePermission(expression = "allow all") @Entity public class OneToOneRoot extends BaseId { private String name; private OneToOneNonRoot otherObject; public String getName() { return name; } public void setName(String name) { this.name = name; } @OneToOne(fetch = FetchType.LAZY) public OneToOneNonRoot getOtherObject() { return otherObject; } public void setOtherObject(OneToOneNonRoot otherObject) { this.otherObject = otherObject; } }
@Include(rootLevel = true) @ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @UpdatePermission(expression = "allow all") @Entity public class ResourceWithInvalidRelationship extends BaseId { private String name; private NotIncludedResource notIncludedResource; public String getName() { return name; } public void setName(String name) { this.name = name; } @OneToOne public NotIncludedResource getNotIncludedResource() { return notIncludedResource; } public void setNotIncludedResource(NotIncludedResource notIncludedResource) { this.notIncludedResource = notIncludedResource; } }
@Include(rootLevel = false) @ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @UpdatePermission(expression = "allow all") @Entity public class OneToOneNonRoot extends BaseId { private String test; private OneToOneRoot root; public String getTest() { return test; } public void setTest(String test) { this.test = test; } @OneToOne(mappedBy = "otherObject", fetch = FetchType.LAZY) @PrimaryKeyJoinColumn public OneToOneRoot getRoot() { return root; } public void setRoot(OneToOneRoot root) { this.root = root; } }
@CreatePermission(expression = "allow all") @ReadPermission(expression = "allow all") @UpdatePermission(expression = "deny all")
@Entity @Include(rootLevel = true) @ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @UpdatePermission(expression = "allow all") @DeletePermission(expression = "allow all")
@CreatePermission(expression = "allow all") @ReadPermission(expression = "allow all") @UpdatePermission(expression = "allow all OR deny all")
@CreatePermission(expression = "allow all") @ReadPermission(expression = "allow all") @UpdatePermission(expression = "deny all OR allow all")
@Include(rootLevel = true) @ReadPermission(expression = "allow all") @CreatePermission(expression = "allow all") @DeletePermission(expression = "allow all") @UpdatePermission(expression = "allow all")
@CreatePermission(expression = "initCheck") @SharePermission @ReadPermission(expression = "negativeChildId AND negativeIntegerUser AND initCheckOp AND initCheckFilter")
@CreatePermission(expression = "parentInitCheck OR allow all") @ReadPermission(expression = "parentInitCheckOp OR allow all") @UpdatePermission(expression = "parentInitCheck OR allow all OR deny all")