search

agrestio / agrest

Server-side Java REST Framework for easy access to data graphs from various backends
https://agrest.io
Apache License 2.0
82 stars 34 forks source link

Per-entity CRUD filters and authorizers for UpdateBuilder #502

Closed andrus closed 2 years ago

andrus commented 2 years ago

Similar to #501, let's implement a set of rules for CRUD operations (UpdateBuilder). This will require a read "filter" and create/update/delete "authorizers".

Usage Example

This is per-request API. Same rules can be applied per Agrest stack using similar AgEntityOverlay methods.

 Ag.service(config)
    .createOrUpdate(E2.class)

    // per-request filter
    .readableFilter(E2.class, e2 -> /* .. */)

    // per-request authorizers
    .createAuthorizer(E2.class, u -> /* .. */)
    .updateAuthorizer(E2.class, (o, u) -> /* .. */)
    .deleteAuthorizer(E2.class, o -> /* .. */)

    .syncAndSelect(updates);