• Post Reply Bookmark Topic Watch Topic
  • New Topic

Instance authorization  RSS feed

 
Sharon Adar
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hey,
I�ve a containment relation-ship: A contains B.

Class A {
@oneToMany(�)
Private List<B> bees;
}

In addition, I also have multiply clients, therefore I would like to use some instance authorization � which means not all users are allowed to see all B instances.
When working only with B layer � there�s no problem since I can edit the �select� function,
Yet when working with A layer, reading A will return all descending B instances without checking the authorization state.
What should I do in order to return A only with the authorized B instances?

Thanks!
Sharon.
 
Edvins Reisons
Ranch Hand
Posts: 364
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The simplest thing that comes to mind is to apply some filter to the list before presenting it to the user.
 
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!