Hello,
I need some help to understand how to go organize code for implementing “constraints” and access groups.
I have read documentation and some posts on the forum, but one fundamental question seems to be unanswered.
Is there a way to code constraints and define groups, without having to configure them in the Administration interface ? Having to develop constraints at the “data” level is cumbersome when switching between environments.
How do you handle this ? What are your suggested best practices ? Am i missing something ?
That’s a good question, but currently we have no simple answer to it. Actually, there should be a convenient mechanism in the framework to define security at design time and to protect it from changes at runtime.
There is a couple of related issues that we are going to address in the future:
The currently available approach is to create a bean that listens to AppContextStartedEvent and programmatically checks and creates security objects in the database either by importing from JSON or just by creating appropriate entities.