babasss Posted August 10, 2017 Share Posted August 10, 2017 Hello,I have 2 users : A with ROLE_1 and ROLE_2 B with ROLE_2 onlyIn my security file (linked to the domain), i want to filter data on rowlevel only for ROLE_2. So I put something like <resourceAccessGrant id="Jointree_1_row_access_test"> <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_2'] }</principalExpression> <filterExpression>security_table.login_field == groovy('authentication.principal.username')</filterExpression> </resourceAccessGrant>But as the user A has the ROLE_2, rows are filtered for him. So I tried to test something like "authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_2'] } AND authentication.getPrincipal().getRoles().any{ it.getRoleName() not in ['ROLE_1'] }" but groovy send an error (it seems it don't like the second part "AND ....")/Do you have any idea how filter one group and not another to make something like "ROLE_2 but not ROLE_1" ?Thanks for your help Link to comment Share on other sites More sharing options...
babasss Posted November 21, 2018 Author Share Posted November 21, 2018 One year after..... I found the answer myself :-) <principalExpression><![CDATA[authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_2'] } && !authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_1'] } ]]></principalExpression> Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now