Package com.onec.annotations

Annotation Interface AccessControl

@Retention(RUNTIME) @Target({TYPE,FIELD}) public @interface AccessControl
Declares which roles may read and write an entity. Access is deny by default: an entity with no @AccessControl (or empty role lists) is invisible and uneditable to every role except the ADMIN superuser, which bypasses these checks entirely. List only the non-admin roles that should be granted access — there is no need to name ADMIN.

An empty writeRoles falls back to readRoles: readers may write unless a stricter write list is given.

  • Element Details

    • readRoles

      String[] readRoles
      Default:
      {}

    • writeRoles

      String[] writeRoles
      Default:
      {}