We want to add a permission feature into our product where users will only be able to see some entities based on some criterion.
There is a way using QueryRootBuilder where we can add a filter on Query.All<t>() (on the queryEndPoint). But If I am not mistaken, it seems that other EntitySets or referenced Entities of the same type T won't be filtered. For example, lets say we have a Document entity such as :
Using the QueryRootBuilder will only filter the 'root' entities but not the children, for example if we define the queryEndPoint like this :
It will only filter the root documents where state is 0 but if we loop on the EntitySet SubDocuments, the subdocuments won't be filtered (we will have all subdocuments)
Is there a way to do this ?
Hello Benoit Nesme,
Have you tried our Security extension? It allows you to make some rules of access to entities for users.
answered Jan 27 at 02:54
Enabling and configuring Entity Filtering in your application Entity Filtering support in Jersey is provided as an extension module and needs to be mentioned explicitly in your pom.xml file (in case of using Maven): <dependency> <groupid>org.glassfish.jersey.ext</groupid> <artifactid>jersey-entity-filtering</artifactid> <version>2.25.1</version> </dependency>
Note If you're not using Maven make sure to have also all the transitive dependencies (see jersey-entity-filtering) on the classpath. The entity-filtering extension module provides three Features which you can register into server/client runtime in prior to use Entity Filtering in an application: EntityFilteringFeature Filtering based on entity-filtering annotations (or i.e. external configuration file) created using @EntityFiltering meta-annotation. SecurityEntityFilteringFeature Filtering based on security (javax.annotation.security) and entity-filtering annotations. SelectableEntityFilteringFeature Filtering based on dynamic and configurable query parameters. If you want to use both entity-filtering annotations and security annotations for entity data filtering it is enough to register SecurityEntityFilteringFeature as this feature registers also EntityFilteringFeature. Entity-filtering currently recognizes one property that can be passed into the Configuration instance (client/server): EntityFilteringFeature.ENTITY_FILTERING_SCOPE - "jersey.config.entityFiltering.scope" Defines one or more annotations that should be used as entity-filtering scope when reading/writing an entity. Note Processing of entity-filtering annotations to create an entity-filtering scope is defined by following: "Request/Resource entity annotations" > "Configuration" > "Resource method/class annotations" (on server). Check for essay writing service
answered Mar 09 at 01:04