Package org.kiwiproject.beta.dao

Class AllowedFields

  • @Beta
public class AllowedFields
extends Object
    Extremely simply way to whitelist fields, e.g. from a web form.

    • Method Detail

      • of

        public static AllowedFields of​(String... fieldNames)
        Create a new instance from the given field names.

        Permits simple or prefixed field names in the format [prefix.optionally.with.multiple.parts.]fieldName. If the given name is dot-separated, then the field name is extracted as the part after the last dot, while the part before the last dot is considered the prefix.

        Examples: firstName, u.firstName, user.firstName, account.user.firstName

        Parameters:
        fieldNames - the field names to allow
        Returns:
        a new instance

      • of

        public static AllowedFields of​(Collection<String> fieldNames)
        Create a new instance from the collection of field names.

        Permits simple or prefixed field names in the format [prefix.optionally.with.multiple.parts.]fieldName. If the given name is dot-separated, then the field name is extracted as the part after the last dot, while the part before the last dot is considered the prefix.

        Examples: firstName, u.firstName, user.firstName, account.user.firstName

        Parameters:
        fieldNames - the field names to allow
        Returns:
        a new instance
        See Also:
        of(String...)

      • isAllowed

        public boolean isAllowed​(String fieldName)
        Checks whether the field name is allowed
        Parameters:
        fieldName - the field name
        Returns:
        true if the given field name is allowed, false otherwise

      • isPrefixedAllowed

        public boolean isPrefixedAllowed​(String prefixedFieldName)
        Checks whether the prefixed field name is allowed.
        Parameters:
        prefixedFieldName - the prefixed field name
        Returns:
        true if the given prefixed field name is allowed, false otherwise

      • assertAllowed

        public void assertAllowed​(String fieldName)
        Checks that the field name is an allowed field.
        Parameters:
        fieldName - the field name to check
        Throws:
        IllegalArgumentException - if the given field name is not allowed

      • assertPrefixedAllowed

        public void assertPrefixedAllowed​(String prefixedFieldName)
        Checks that the prefixed field name is allowed.
        Parameters:
        prefixedFieldName - the prefixed field name to check
        Throws:
        IllegalArgumentException - if the given prefixed field name is not allowed

      • getPrefixedFieldName

        public String getPrefixedFieldName​(String fieldName)
        Find the prefixed field name for the given (unprefixed) field name.
        Parameters:
        fieldName - the field name to find
        Returns:
        the full prefixed field name (e.g. u.lastName) for the given field name (e.g. lastName)