Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
how can I restrict updates of domain restricted data?
Let’s say I have users of my hibernate application, which are allowed to see all contracts of a specific country (i.e. filter: country=’US’)
How can I ensure, that this user can only insert new records with country=’US’?
Is there a something like ‘a filter to restrict update statements’ in hibernate?
You could do this at the Hibernate layer by implementing a PreUpdateListener / PreInsertListener and veto the update, but this would probably be over-kill in most cases.
I would only do this if this was critical for security reasons and would have this in addition to validation logic closer to the View or Controller layer. You don’t mention what kind of application this is, but pretty much all UI frameworks (web, desktop or mobile) have validation support which will make it more convenient to handle this sort of logic (as opposed to handling exceptions from the persistence layer).