Class FieldSecurityUtil
java.lang.Object
nl.datasteel.crudcraft.runtime.security.FieldSecurityUtil
Utility methods for enforcing field-level security on DTOs.

Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| static boolean | canRead | Determines if the current user can read based on the given roles. |
| static boolean | canWrite | Determines if the current user can write based on the given roles. |
| static <T> T | filterRead(T dto) | Filters the provided DTO for read operations. |
| static <T> T | filterWrite(T dto) | Filters the provided DTO for write operations. |
| static <T> T | filterWrite(T dto, Object existing) | Filters the DTO using values from an existing object to restore fields the caller is not permitted to modify. |

Method Details

canRead
Determines if the current user can read based on the given roles.
Parameters:
    roles - roles required for read access
Returns:
    true if the user has any of the roles

canWrite
Determines if the current user can write based on the given roles.
Parameters:
    roles - roles required for write access
Returns:
    true if the user has any of the roles

filterRead
public static <T> T filterRead(T dto)
Filters the provided DTO for read operations.
Parameters:
    dto - the object to filter
Returns:
    the filtered DTO

filterWrite
public static <T> T filterWrite(T dto)
Filters the provided DTO for write operations.
Parameters:
    dto - the object to filter
Returns:
    the filtered DTO

filterWrite
Filters the DTO using values from an existing object to restore fields the caller is not permitted to modify.
Parameters:
    dto - the DTO containing new values
    existing - the existing object to source immutable field values from
Returns:
    the filtered DTO

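The two-argument filterWrite guards against mass assignment: any field the caller may not modify is overwritten with the value from the existing object, so a client-supplied value for it never reaches persistence. The sketch below is an added illustration of that behaviour, not CrudCraft's implementation; the @WritableBy annotation, the explicit callerRoles parameter and the AccountDto class are hypothetical, and it assumes the DTO and the existing object are of the same class.

```java
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.reflect.Field;
import java.util.Arrays;
import java.util.Set;

public class WriteFilterSketch {
    // Hypothetical marker: roles allowed to modify the annotated field.
    @Retention(RetentionPolicy.RUNTIME)
    @interface WritableBy { String[] value(); }

    // Constructed sample DTO with one open field and two privileged fields.
    static class AccountDto {
        String displayName;
        @WritableBy("ADMIN") String role;
        @WritableBy("ADMIN") boolean locked;
        AccountDto(String n, String r, boolean l) { displayName = n; role = r; locked = l; }
    }

    // Restore every field the caller may not write from the stored object,
    // discarding whatever the client sent for those fields.
    static <T> T filterWrite(T dto, Object existing, Set<String> callerRoles) {
        for (Field f : dto.getClass().getDeclaredFields()) {
            WritableBy rule = f.getAnnotation(WritableBy.class);
            if (rule == null || Arrays.stream(rule.value()).anyMatch(callerRoles::contains)) {
                continue; // unrestricted field, or caller holds a permitted role
            }
            try {
                f.setAccessible(true);
                f.set(dto, f.get(existing)); // overwrite with the persisted value
            } catch (IllegalAccessException e) {
                // Fail closed: never pass an unfiltered DTO downstream.
                throw new IllegalStateException("cannot filter field " + f.getName(), e);
            }
        }
        return dto;
    }

    public static void main(String[] args) {
        AccountDto stored = new AccountDto("alice", "USER", false);

        // Constructed request that also tries to change a protected field.
        AccountDto fromUser = filterWrite(
                new AccountDto("Alice A.", "ADMIN", false), stored, Set.of("USER"));
        System.out.println("USER caller:  " + fromUser.displayName + " / " + fromUser.role);

        AccountDto fromAdmin = filterWrite(
                new AccountDto("Alice A.", "ADMIN", false), stored, Set.of("ADMIN"));
        System.out.println("ADMIN caller: " + fromAdmin.displayName + " / " + fromAdmin.role);
    }
}
```

For the USER caller the displayName change is kept while role reverts to the stored value; for the ADMIN caller both changes pass through.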