Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nested @RolesAllowed #958

Open
t1 opened this issue Aug 6, 2021 · 0 comments
Open

Nested @RolesAllowed #958

t1 opened this issue Aug 6, 2021 · 0 comments
Labels
enhancement New feature or request Server This issue applies to the Server side

Comments

@t1
Copy link
Collaborator

t1 commented Aug 6, 2021

We already can control access to queries and resolvers simply with standard @RolesAllowed et.al. annotations. As discussed in #860, there are situations where the fields of some POJO need access control; i.e. a User class having fields for the name, etc., and a lastLoginTimestamp, which only a user in the admin role is allowed to read and a system allowed to write. The @RolesAllowed annotation would have to be placed on the getter or setter respectively (it's target is limited to TYPE and METHOD).
@t1 t1 added enhancement New feature or request Server This issue applies to the Server side labels Aug 6, 2021
This was referenced Aug 6, 2021
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request Server This issue applies to the Server side
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@t1