Security Tokens

(This page is Work in Progress)

Master Can Open Token

This kind of token authorises opening of a master.

Simple Master

For a simple master, a corresponding token resides in package fielden.security.tokens.open_simple_master and follows naming pattern [Entity]Master_CanOpen_Token.

Tokens that authorise opening of simple masters are used implicitly by the platform. An authorisation check is performed automatically when the simple master is opened.

Compound Master

For a compound master, a corresponding token resides in package fielden.security.tokens.open_compound_master and follows naming pattern Open[Entity]MasterAction_CanOpen_Token. Although, it should be noted that the Open[Entity]MasterAction part of the name is not merely a pattern but actually refers to an associated "open-master-action" entity (Open[Entity]MasterAction).

Tokens that authorise opening of compound masters should be used explicitly, as the platform does not check them automatically. The way to use such tokens is to annotate method provideDefaultValues with @Authorise in a corresponding producer.

For example, if entity Person has a compound master, the token responsible for opening that master will be OpenPersonMasterAction_CanOpen_Token. And the corresponding producer should contain the following:

public class OpenPersonMasterActionProducer extends AbstractProducerForOpenEntityMasterAction<Person, OpenPersonMasterAction> {

  // Constructor omitted.

  @Override
  @Authorise(OpenPersonMasterAction_CanOpen_Token.class)
  protected OpenPersonMasterAction provideDefaultValues(final OpenPersonMasterAction entity) {
    ...
  }
}