Hi all,

 

I am trying to implement the following use case using aerogear-controller. I have a route to /cars/{id} (GET) and I want to restrict the access based on the id of the requested car. Say user Tom shall be able to get /car/4711 and user Tim shall not.

 

Currently the SecurityProvider only gets the Route as parameter in its isRouteAllowed method. As I understand to realize the above scenario I would need the full RouteContext. Is there a particular reason why only the Route is handed over to the SecurityProvider?

 

Thanks and reagrds,

Tobias