I have a certain entity that can possibly be edited by different actors. A

Question

0

Asked: May 26, 20262026-05-26T10:53:52+00:00 2026-05-26T10:53:52+00:00

I have a certain entity that can possibly be edited by different actors. A

0

I have a certain entity that can possibly be edited by different actors. A good example for the scenario would be an user of a system, who can edit their personal data (phone no, e-mail, password), but cannot modify e.g. their privileges or username, which could of course be done by a super-user.

So, would it be too brutal and ugly if I just annotated the setter methods with @PreAuthorize? The only disadvantage I could think of is the performance loss, but since there are no bulk operations involving the entity I am thinking of and those setters will never be called often it doesn’t seem like a concern now.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T10:53:52+00:00

Editorial Team

2026-05-26T10:53:52+00:00Added an answer on May 26, 2026 at 10:53 am

I wouldn’t advise for that. First, if I see things properly, @PreAuthorize requires a class to be a bean. And generally, entities are not spring beans (unless you use the @Configurable magic). So it just won’t work.

Second, the better place for @PreAuthorize is on the business methods that perform the modifications.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a certain entity that can possibly be edited by different actors. A

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply