Question

Amongst others, I have a holding, a company and an employee domain class. What is the best practice to make sure that an employee of company A can only access company A related data? I read about Spring Security Core, filters, criteria, interceptors, etc., but I am still wondering what the best solution is. What is the typical Grails solution, and should I use redundant keys in my domain classes for performance reasons?

Solution

I'm still using the Hibernate Filter plugin and still recommend it as one of the best solutions I know of (I also answered Sergio's linked question). There are some more advanced plugins, but their complexity requires maintenance of the plugins, which sometimes seem to fall a bit behind. I'd recommend a company_id per domain class, i.e. use redundant keys; I also recommend that you use the excellent Spring Security Core plugin.
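A plain-Groovy model of the per-row `company_id` scoping recommended in the answer, added here as an illustration; it is not the Hibernate Filter plugin's API or the answerer's code. `TenantScope`, the two classes and the sample rows are constructed for the example, and the company id is assumed to come from the authenticated user.

```groovy
// Constructed domain model: every row carries its own (redundant) companyId.
class Employee  { Long id; Long companyId; String name }
class Timesheet { Long id; Long companyId; Long employeeId; int hours }

// Hypothetical helper standing in for a data-layer filter: the one place
// where the tenant predicate is applied, for every class and every lookup.
class TenantScope {
    final Long companyId

    TenantScope(Long companyId) {
        // Fail closed: a request without a bound tenant must not see any rows.
        if (companyId == null) throw new IllegalStateException('no tenant bound')
        this.companyId = companyId
    }

    // Same predicate for every class. Because Timesheet has its own companyId,
    // no join through Employee to Company is needed to scope it.
    List list(Collection rows) { rows.findAll { it.companyId == companyId } }

    // Lookup by id goes through the same predicate, so a guessed id that
    // belongs to another company resolves to null instead of a row.
    def getById(Collection rows, Long id) { list(rows).find { it.id == id } }
}

// Constructed sample rows for two companies (10 and 20).
def employees = [
    new Employee(id: 1L, companyId: 10L, name: 'alice'),
    new Employee(id: 2L, companyId: 20L, name: 'bob'),
]
def timesheets = [
    new Timesheet(id: 100L, companyId: 10L, employeeId: 1L, hours: 8),
    new Timesheet(id: 200L, companyId: 20L, employeeId: 2L, hours: 6),
]

// Assumption: 10L is the company of the logged-in employee, taken from the
// authenticated principal and never from a request parameter.
def scope = new TenantScope(10L)

assert scope.list(employees)*.name == ['alice']
assert scope.list(timesheets)*.id == [100L]

// Row 200 belongs to company 20: an unscoped lookup finds it, the scoped one does not.
assert timesheets.find { it.id == 200L } != null
assert scope.getById(timesheets, 200L) == null
assert scope.getById(timesheets, 100L).hours == 8

println 'tenant scoping checks passed'
```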

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow