@ReadPermission(expression = "allow all OR negativeIntegerUser") public String getField5() { return field5; }
/** * Get the calculated {@link ReadPermission} value for the field. * * @param clazz the entity class * @param fieldName the field * @return the read permissions for a field */ protected String getReadPermission(Class<?> clazz, String fieldName) { ReadPermission classPermission = dictionary.getAnnotation(clazz, ReadPermission.class); ReadPermission fieldPermission = dictionary.getAttributeOrRelationAnnotation(clazz, ReadPermission.class, fieldName); if (fieldPermission != null) { return fieldPermission.expression(); } if (classPermission != null) { return classPermission.expression(); } return null; }
@ReadPermission(expression = "allow all") public String getField2() { return field2; }
@ReadPermission(expression = "negativeIntegerUser AND allow all") public String getField6() { return field6; }
@ReadPermission(expression = "checkRestrictUser") public String getName() { return name; }
@ReadPermission(expression = "negativeIntegerUser") public String getField3() { return field3; }
@ReadPermission(expression = "allow all AND deny all") public String getField7() { return field7; }
@ReadPermission(expression = "deny all OR negativeIntegerUser") public String getField8() { return field8; }
@ReadPermission(expression = "deny all") public String getField1() { return field1; }
@ReadPermission(expression = "allow all") public String getYouShouldBeAbleToRead() { return youShouldBeAbleToRead; }
@ManyToOne() @ReadPermission(expression = "allow all") public CreateButNoRead getOtherObject() { return otherObject; }
@ReadPermission(expression = "negativeIntegerUser") @OneToMany( targetEntity = Child.class, cascade = { CascadeType.PERSIST, CascadeType.MERGE } ) public Set<Child> getRelation2() { return relation2; }
@OneToOne(targetEntity = Child.class, fetch = FetchType.LAZY) @ReadPermission(expression = "deny all") public Child getNoReadAccess() { return noReadAccess; }
@OneToMany(fetch = FetchType.LAZY) @ReadPermission(expression = "noRead") public Set<CreateButNoReadChild> getOtherObjects() { return otherObjects; }
@ReadPermission(expression = "negativeIntegerUser") @UpdatePermission(expression = "negativeIntegerUser") @OneToOne (cascade = CascadeType.ALL, fetch = FetchType.LAZY) @JoinColumn(name = "child_id") public Child getRelation3() { return relation3; }
@ReadPermission(expression = "negativeIntegerUser") @UpdatePermission(expression = "negativeIntegerUser") @OneToMany( targetEntity = Child.class, cascade = { CascadeType.PERSIST, CascadeType.MERGE } ) public Set<Child> getRelation1() { return relation1; }
@Transient @ComputedAttribute @ReadPermission(expression = "FailCheckOp") public String getComputedFailTest() { return "computed"; }
@ReadPermission(expression = "deny all") @UpdatePermission(expression = "parentSpecialValue") public String getSpecialAttribute() { return specialAttribute; }
@ManyToOne @FilterExpressionPath("editor") @ReadPermission(expression = "Field path editor check") public Editor getEditor() { return editor; }
/** * No Read test bean. */ @ReadPermission(expression = "deny all") @Include(rootLevel = true, type = "noread") // optional here because class has this name // Hibernate @Entity @Table(name = "noread") public class NoReadEntity extends BaseId { public String field; @OneToOne(fetch = FetchType.LAZY) public Child child; }