-
1. Re: Security: access control at entity level?
christian.bauer May 2, 2007 3:51 PM (in response to kingcu)Entity security is covered in the reference documentation. Short answer: Yes, you can put @Restrict on entity callback methods.
-
2. Re: Security: access control at entity level?
christian.bauer May 2, 2007 3:52 PM (in response to kingcu)And for your use case you need something else: dynamic Hibernate filters. I'm using a restrictedEntityManager that is configured with a dynamic filter in components.xml, checkout the examples/wiki/ source in Seam CVS.
-
3. Re: Security: access control at entity level?
a.simonov Jun 4, 2007 8:13 AM (in response to kingcu)if for example want to define filter like this
@org.hibernate.annotations.FilterDef(
name = "accessLevelFilter2",
parameters = {@org.hibernate.annotations.ParamDef(name = "currentAccessLevel", type="integer")}
)
@org.hibernate.annotations.Filter(
name = "accessLevelFilter2",
condition = "(select level from registration where id=this.id)=:currentAccessLevel"
)
this should reference to the entity.I couldn't get it to work.. how this could be done? -
4. Re: Security: access control at entity level?
christian.bauer Jun 4, 2007 8:29 AM (in response to kingcu)I don't understand what you want.
-
5. Re: Security: access control at entity level?
a.simonov Jun 4, 2007 9:32 AM (in response to kingcu)I have two to tables:
Table1 and Table2 . I have mapped them like this:@Entity @Table(name = "Table1") class Table1{ int id; int level; @OneToMany List<Table2> items } @Entity @Table(name = "Table2") class Table2{ int id; }
I woud like to do a filter for Table2 entity which returns same result as this query returns:
select * from Table2 t2 where (select t1.level from Table1 t1 where t1.id=t2.id)= :accessLevel -
6. Re: Security: access control at entity level?
christian.bauer Jun 4, 2007 11:53 AM (in response to kingcu)This is not possible. The collection "items" will always be loaded through a join of some key columns (or static formula). You can't redefine the collection loading condition completely, only add to it.