jmix icon indicating copy to clipboard operation
jmix copied to clipboard

Published 20 hours ago verified publisher icon jmix-framework

Security policy to use regular expression

Open yos1p opened this issue 2 years ago • 1 comments

I think it'd be great to be able to set security policies (such as Screen, Menu, etc) with regular expression. This will simplify the code very much, without compromising fine-grained security features.

Before:

@ResourceRole(name = "Customer Master Data",
        code = "customer-master")
public interface CustomerMasterRole {

    @EntityPolicy(
            entityClass = Customer.class,
            actions = {EntityPolicyAction.READ,
                    EntityPolicyAction.CREATE,
                    EntityPolicyAction.UPDATE})
    @EntityAttributePolicy(
            entityClass = Customer.class,
            attributes = {"name", "region", "details"},
            action = EntityAttributePolicyAction.MODIFY)
    @ScreenPolicy(
            screenIds = {"sample_Customer.browse", "sample_Customer.edit", "sample_Customer.import", "sample_Customer.maps", "sample_Customer.statistic"})
    @MenuPolicy(
            menuIds = {"sample_Customer.browse", "sample_Customer.import", "sample_Customer.maps", "sample_Customer.statistic"})
    void customer();
}

After:

@ResourceRole(name = "Customer Master Data",
        code = "customer-master")
public interface CustomerMasterRole {

    @EntityPolicy(
            entityClass = Customer.class,
            actions = {EntityPolicyAction.READ,
                    EntityPolicyAction.CREATE,
                    EntityPolicyAction.UPDATE})
    @EntityAttributePolicy(
            entityClass = Customer.class,
            attributes = {"name", "region", "details"},
            action = EntityAttributePolicyAction.MODIFY)
    @ScreenPolicy(
            screenRegexp = "sample_Customer.*")
    @MenuPolicy(
            menuRegexp = "sample_Customer.*")
    void customer();
}

yos1p avatar Apr 07 '22 05:04 yos1p