- 
        1. Re: Restrict on class rather than entityjoblini Jun 12, 2009 12:55 AM (in response to yahawari)Hi Yasser, any luck with this? I am trying to do the same thing. 
- 
        2. Re: Restrict on class rather than entityjoblini Jun 12, 2009 1:00 AM (in response to yahawari)The best I have come up with so far is: @Restrict("#{s:hasPermission('Stakeholder','read')}") @PostLoad public void postLoad() { System.out.println("Stakeholder.postLoad()"); }Seams as though there must be a better way (no pun intended) ... 
- 
        3. Re: Restrict on class rather than entityyahawari Jun 12, 2009 5:30 AM (in response to yahawari)hi Ingo, that was my best shot as well. i also added the following to the entity definition so that i can query which permissions apply to this class. @Permissions({ @Permission(action = "insert"), @Permission(action = "delete"), @Permission(action = "update"), @Permission(action = "read") }) @Entity public class SimpleTask { ....there is another way to do this if u decide to place ur security checking code on a DAO class (like entityHome). u can annotate a function to have certain access to the class in general (SEAM GUIDE 15.6.6 - Typesafe Permission Annotations). for me i have followed the first method which turns to be VERY restricting as it is applied by the entityManager anytime it pulls this class's data (from anywhere). that led me to a new problem :).. my application responds to some of the user actions by doing some other operations which could possible access a class that the user does not have the access rights to :(. now i had to create a system user which has a permission to do anything (thanks to drools): rule system_masterPermission no-loop activation-group "permissions" when check: PermissionCheck(granted == false) Role(name == "system") then check.grant(); end and now i have to use RunAs to kick start any possibly restricted operation. i hope that someone could shed some light on how to do this in a cleaner way 
 
    