How to make a field shaded for a level of user

Is there a way to make a certain field of input in an edit screen disabled, or read-only, for a certain level of user role. I have tried using the read-only option in the attribute page and the UI, but all what I got what that the field was removed from the edit page. The code automatically sets these values and I don’t want him to play with them. Just to be able to see them in the edit screen.

Did you try to set the read-only permission for the corresponding attribute of the entity in the Role editor?

Yes, I did. but it made the attribute disappear from the editor page.

It’s working now!
The error was that I denied the user the read permission in the entity, so it made the field disappear, but when I allow it to him, it’s working fine now!
Thanks :smiley:

When I set the attribute to read only permission. and tried to create an order the attributes that I set as read only were sent a null in the database. For example, Amount attribute of the order. I want to set it to read only for a user so the user wouldn’t play with the calculation that is happening on the back.

So you should initialize your entity programmatically, see

I think I did my entity code is the same as in the manuals. The problem is that the value are set on screen correctly but while committing them, they are seen as NULL and since I put these attributes are mandatory I am given an error.

Order Code:


import com.haulmont.cuba.gui.WindowManager;
import com.haulmont.cuba.gui.components.AbstractEditor;
import com.haulmont.cuba.gui.components.FieldGroup;
import com.haulmont.cuba.gui.components.actions.CreateAction;
import com.haulmont.cuba.gui.components.actions.EditAction;

import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.swing.*;
import java.math.BigDecimal;
import java.util.Date;
import java.util.Map;
import java.util.UUID;

public class OrderEdit extends AbstractEditor<Order> {
    private CreateAction linesTableCreate;
    private EditAction linesTableEdit;

    private OrderType type = null;
    private Long typeValue = null;

    private Datasource<Order> orderDs;
    private CollectionDatasource<Constants, UUID> constantsesDs;
    private CollectionDatasource<OrderLine, UUID> linesDs;
    private FieldGroup fieldGroup;

    private Long getConstantValue(String constantName){
        Long tmp = null;
        for(Constants cons : constantsesDs.getItems()){
                tmp = cons.getValue();
        return tmp;

    private void setConstantValue(String constantName, Long constantValue){
        for(Constants cons: constantsesDs.getItems()){

    private void calculateAmount() {
        BigDecimal sal_amount = BigDecimal.ZERO;
        BigDecimal sal_tax = BigDecimal.ZERO;
        BigDecimal net_amount = BigDecimal.ZERO;


        Date date = new Date();

        Long tax = getConstantValue("Tax");

        for(OrderLine line : linesDs.getItems()){
            sal_amount = sal_amount.add(line.getPrice().multiply(line.getQuantity()));
        sal_tax = sal_amount.multiply(BigDecimal.valueOf(tax).divide(BigDecimal.valueOf(100.0)));
        net_amount = sal_amount.add(sal_tax);



    public void init(Map<String, Object> params) {


        orderDs.addItemPropertyChangeListener(e -> {
            type = getItem().getOrder_type();
            if(type != null){
                typeValue = getConstantValue(type.getId());

        linesDs.addCollectionChangeListener(e -> calculateAmount());

    protected boolean postCommit(boolean committed, boolean close) {
            setConstantValue(type.getId(), typeValue + 1);
        return super.postCommit(committed, close);

I think the problem might be in the permissions I set for the user role.

You are right, attribute permissions enforced on middleware do not allow a user to store read-only attributes. You have two options then:

  • Turn off checking attributes on middleware by using the cuba.entityAttributePermissionChecking application property. In this case, visual components will still be disabled for read-only attributes, but programmatically set values will be stored.

  • Do not use attribute permissions in this case and use Specific permissions instead. I.e. you define a named permission, set it for a role, and in your controller code programmatically disable visual components if the permission is set to false.