Annotation Interface RowLevelRole
Row-level policies restrict which data is returned to the user (e.g. a user should only see contracts created by the user's department) or which data the user can create, update or delete.
Annotated interfaces are parsed by the AnnotatedResourceRoleProvider, and RowLevelRole objects are created using the information from the annotated interface.
Role definition example:
    @RowLevelRole(code = "orderView", name = "Order view")
    public interface OrderViewRole {

        // JPQL policy for TestOrder: the join and where clauses restrict which rows are returned
        @JpqlRowLevelPolicy(entityClass = TestOrder.class,
                join = "join e.customer c",
                where = "c.status = 'active'")
        void order();

        // Predicate policy for Order, applied to the READ action:
        // only orders whose number starts with "0" pass
        @PredicateRowLevelPolicy(entityClass = Order.class,
                actions = {RowLevelPolicyAction.READ})
        static RowLevelPredicate<Order> readZeroOrdersOnly() {
            return order -> order.getNumber().startsWith("0");
        }
    }
A role interface may have any number of methods. Methods can have any names; they are used only to group policies logically. Policies may be grouped by the entity they relate to (as in the example above) or by type (one method will have annotations for screen policies, another one for entity policies, etc.).
Method return type matters only for methods with PredicateRowLevelPolicy annotations.
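A self-contained sketch of the two rules above, added here and not taken from the framework: methods only carry annotations, and a return value is read only from predicate-policy methods. The `Demo*` annotations, the `Order` record and the reflection loop are stand-ins assumed for illustration; they are not the framework's annotation types or the provider's actual parsing code.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;
import java.util.function.Predicate;

public class RowLevelRoleDemo { // Java 16+ (uses a record)
    // Stand-in annotations and entity for this demo only; not the framework's types.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.TYPE)
    @interface DemoRole { String code(); }
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
    @interface DemoJpqlPolicy { Class<?> entityClass(); String where(); }
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
    @interface DemoPredicatePolicy { Class<?> entityClass(); }

    record Order(String number) {}

    @DemoRole(code = "orderView")
    interface OrderViewRole {
        @DemoJpqlPolicy(entityClass = Order.class, where = "c.status = 'active'")
        void order(); // never invoked: the method exists only to carry the annotation

        @DemoPredicatePolicy(entityClass = Order.class)
        static Predicate<Order> readZeroOrdersOnly() {
            return order -> order.number().startsWith("0");
        }
    }

    // Collects predicate policies: the only case where a method's return value is used.
    @SuppressWarnings("unchecked")
    static List<Predicate<Order>> predicates(Class<?> role) throws ReflectiveOperationException {
        List<Predicate<Order>> result = new ArrayList<>();
        for (Method m : role.getDeclaredMethods()) {
            if (!m.isAnnotationPresent(DemoPredicatePolicy.class)) continue;
            if (!Predicate.class.isAssignableFrom(m.getReturnType())) // fail closed on a bad definition
                throw new IllegalStateException(m.getName() + " must return a predicate");
            result.add((Predicate<Order>) m.invoke(null)); // static method, no instance needed
        }
        return result;
    }

    public static void main(String[] args) throws Exception {
        List<Order> loaded = List.of(new Order("0001"), new Order("1002"), new Order("0450"));
        List<Order> visible = new ArrayList<>(loaded);
        for (Predicate<Order> p : predicates(OrderViewRole.class)) {
            visible.removeIf(p.negate()); // a row failing any predicate is not returned
        }
        System.out.println(visible);
    }
}
```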