Firstable, you can make ProjectStage
and Project
implement an interface with one method
void checkAccess(User user) throw ForbiddenAccessException;
Each class must implement the check as you defined it in your code above.
Then, you can use action composition in your controller.
- Create an action
CheckAccessAction
that extendsplay.mvc.Action.Simple
- Before each method that needs the access check like
loadProjectStage()
,deleteProject()
,updateProject()
... add@With(CheckAccessAction.class)
- In the
call
method of the action composition, you can do your check regarding the type of object that you're trying to access (if you can have thecurrentAuthorizedUser
in the request)
You can define the @With(CheckAccessAction.class)
at controller level if all the methods need it.