"what i eventually wanted was to have a SecuredServiceContext ... that wraps the ServiceContext and passes the "secured" down as far as it will go ... service_context.getDocumentService().getDataService().getReadableCrudService(bucket) ... and it would auto pass the levels of security down ... so basically you'd need a wrapper for every object type ... which would then return a new wrapper if it didn't support security, or pass int the secured if so ... (or prevent access altogether if an underlying method has no concept of security yet) ... so it's a mini faff, there's probably ~10-15 of such objects ... but then once it's done you can never accidentally forget to apply security ... "
From discussion
"what i eventually wanted was to have a SecuredServiceContext ... that wraps the ServiceContext and passes the "secured" down as far as it will go ...
service_context.getDocumentService().getDataService().getReadableCrudService(bucket)... and it would auto pass the levels of security down ... so basically you'd need a wrapper for every object type ... which would then return a new wrapper if it didn't support security, or pass int the secured if so ... (or prevent access altogether if an underlying method has no concept of security yet) ... so it's a mini faff, there's probably ~10-15 of such objects ... but then once it's done you can never accidentally forget to apply security ... "