Closed Serkan80 closed 11 months ago
/cc @pedroigor (bearer-token)
If implemented, then please make this also available on the LTS version.
Sorry, probably not possible. I think new feature like this does not qualify for backports.
I think new feature like this does not qualify for backports.
I definitely agree
If implemented, then please make this also available on the LTS version.
Sorry, probably not possible. I think new feature like this does not qualify for backports.
I thought that security fixes & enhancements would also be backported to the LTS version ?
Anyways, thx for the effort for implementing this feature! Very appreciated !
This is a new feature, not a fix for a security issue
Description
Currenty
@SecureField
only supports hardcoded roles and it would be nice if this could be aligned with how@RolesAllowed
works, namely with expressions support.This also causes problems in combination with @RolesAllowed when the latter uses expressions and when the app is deployed on certain environments then the dynamic role is not available in SecureField.
If implemented, then please make this also available on the LTS version.
Implementation ideas
This should be possible:
@SecureField(roles=‘${maintainer.role}’, ‘roleA’)