Class DenyUniqueIdWriteAccessPolicyProcessor

java.lang.Object
ch.tocco.nice2.persist.security.impl.policyprocessor.DenyUniqueIdWriteAccessPolicyProcessor
All Implemented Interfaces:
PolicyProcessor

@Component public class DenyUniqueIdWriteAccessPolicyProcessor extends Object implements PolicyProcessor
This policy processor creates an acl rule to deny the write access on the field `unique_id`. Before there must be an acl rule like `entityPath(Entity_folder_template, unique_id): deny access(write);`. The qualifier @AllowUniqueIdWriteAccess can be used if no such rule should be created.
  • Constructor Details

    • DenyUniqueIdWriteAccessPolicyProcessor

      public DenyUniqueIdWriteAccessPolicyProcessor(DataModel dataModel)
  • Method Details

    • processPolicy

      public void processPolicy(PolicyBuilder policy, Object target) throws Exception
      Description copied from interface: PolicyProcessor
      Post-process the given policy. On phase `LOGIN`, the `target` is the principal being logged in, on phase `GUARD`, it's the object being guarded. On phase `LOGIN` the `policy` is the entire policy containing all rules that affect the current user, on phase `GUARD` the policy only contains the rules that are relevant to the guarded objects (the entire policy, if needed, can be retrieved from the SecurityContext).
      Specified by:
      processPolicy in interface PolicyProcessor
      Throws:
      Exception
    • setExcludedModules

      @Autowired(required=false) public void setExcludedModules(List<String> excludedModels)