if (obj.getId() != null && !query.contains(obj)) { throw new SecurityViolation("Services are not allowed to call " + "doAction() on non-Session-managed entities.");
if (obj.getId() != null && !query.contains(obj)) { throw new SecurityViolation("Services are not allowed to call " + "doAction() on non-Session-managed entities.");