Hello, is it possible to make an ‘if’ statement to the role? For example:
I created role ProjectOwner which allows to modify and update projects but I want it to be ‘activated’ when logged user is in fact Project.owner .
Is it somehow predicted in JMIX to use roles in this way? Or maybe there is another way to do it properly?
Hi,
A row-level role with predicate policy will help with your requirements.
It allows to deny update or remove operations based on individual entity’s attributes.
https://docs.jmix.io/jmix/security/row-level-roles.html#predicate-policy
And how to give to return the current authentication user?
Something like this:
default Predicate projectOwnerModify() {
return project → Boolean.TRUE.equals(project.getOwner().equals((User) currentAuthentication.getUser()));
}
You can pass any Spring bean including CurrentAuthentication as parameter to the projectOwnerModify method.
It’s not documented yet: https://github.com/Haulmont/jmix-docs/issues/133