ComponentOption useLogicSecurity

Generate authorization check in logic layer.

With this option, security at component level can be achieved in the logic layer.

This authorization is generated for standard CRUD operations, commands and tasks. This generated code will always call the AuthorizationManager of the new account component.

An example of the generated code in the TaskBean perform method:

DataAccessQuery dataAccessQuery = new DataAccessQuery();
dataAccessQuery.setElement(taskName);
AuthorizationManager authorizationManager = new AuthorizationManager(dataAccessQuery, userContext);
if (!authorizationManager.isTaskAuthorized()) {
    return TaskResult.error(Diagnostic.error("testComponent","CarTask", "NO_ACCESS"));
}

taskResult = mImplementation.perform(targetParameter);

An example of the generated code in the DataBean create method:

DataAccessQuery dataAccessQuery = new DataAccessQuery();
dataAccessQuery.setElement(elementName);
AuthorizationManager authorizationManager = new AuthorizationManager(dataAccessQuery,userContext);
if (!authorizationManager.isDataAuthorized(DataAccessFunctionality.CREATE)) {
   return getDiagnosticHelper().createCrudsError("not authorized");
}

An example of the generated code in the DataBean performCommand method:

DataAccessQuery dataAccessQuery = new DataAccessQuery();
dataAccessQuery.setElement(elementName);
AuthorizationManager authorizationManager = new AuthorizationManager(dataAccessQuery,commandParameter.getUserContext());
if (!authorizationManager.isDataAuthorized(commandName))) {
 return CommandResult.error(command, "not authorized");
}

References