Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Instance authorization

 
Sharon Adar
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey,
I�ve a containment relation-ship: A contains B.

Class A {
@oneToMany(�)
Private List<B> bees;
}

In addition, I also have multiply clients, therefore I would like to use some instance authorization � which means not all users are allowed to see all B instances.
When working only with B layer � there�s no problem since I can edit the �select� function,
Yet when working with A layer, reading A will return all descending B instances without checking the authorization state.
What should I do in order to return A only with the authorized B instances?

Thanks!
Sharon.
 
Edvins Reisons
Ranch Hand
Posts: 364
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The simplest thing that comes to mind is to apply some filter to the list before presenting it to the user.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic