Package com.broadleafcommerce.data.tracking.core.policy.trackable.variance

Annotation Type PolicyVariance

  • @Retention(RUNTIME)
@Target(TYPE)
@Documented
public @interface PolicyVariance
    In certain unique scenarios, the out-of-box policy context validation provided for a Trackable entity via TrackablePolicyUtils may be too restrictive.

    In such cases, this annotation can be applied to the persisted-domain entity class in question to skip some of the out-of-box policy context validation for it.

    A high degree of caution and care is advised when using this annotation to protect against the risk of opening up security vulnerabilities. The general expectation is for the use of this annotation to be accompanied by custom context validations in any and all controller endpoints which could result in changes to the given entity.

    Note that this only affects context-visibility validations for the entity, and does not affect whether other validations such as permission validation apply.

    Since:
    1.4
    See Also:
    PolicyVarianceType

    • Required Element Summary

      Required Elements 
      Modifier and Type Required Element Description
      PolicyVarianceType[] value
      The variance type(s) in which the entity's policy context validation should be skipped.

    • Element Detail

      • value

        PolicyVarianceType[] value
        The variance type(s) in which the entity's policy context validation should be skipped.
        Returns:
        the variance type(s) in which respective context mutability validations should be skipped