I am curious as to why the decision was made to not append a WHERE clause to
deletes and updates that could be affected by a session filter. I was
looking at the source for HqlSqlWalker.postProcessDML, and it has the
comment "append any filter fragments; the EMPTY_MAP is used under the
assumption that currently enabled filters should not affect this process."
So, it seems this was a conscious choice. I would actually like filters to
affect updates and deletes and will probably modify this class to enable
this. My reasoning is that if you have a filter turned on and perform a
select then perform an update using HQL you would expect it to only modify
those things returned in the select (let's ignore the fact that this is a
race condition as I am oversimplifying). We are using session filters to
automatically restrict a logged-in user's view of certain data. This works
great for selects, but obviously allows HQL updates and deletes to bypass
this restricted view.
So, my questions are: why this choice, and would you consider changing your
mind?
Thanks,
Jason
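
An added example, not part of the original message and not Hibernate's own code: given the behaviour described above (enabled filters restrict selects but are not appended to HQL updates and deletes), one way to keep bulk DML inside the user's restricted view is to state the restriction in the statement itself. The entity `Document`, its properties `ownerId`, `archived` and `createdOn`, and the filter `ownerFilter` with parameter `ownerId` are hypothetical names.

```java
import java.util.Date;
import org.hibernate.Session;

// Hypothetical mapping assumed here: entity Document with properties
// ownerId, archived and createdOn, and a filter named "ownerFilter"
// whose condition compares the owner column to the :ownerId parameter.
public final class ScopedBulkDml {

    private ScopedBulkDml() {}

    /** Read side: the session filter restricts what selects return. */
    public static void enableOwnerFilter(Session session, long ownerId) {
        session.enableFilter("ownerFilter").setParameter("ownerId", ownerId);
    }

    /**
     * Write side: the bulk update does not pick up the enabled filter,
     * so the same restriction is written into the WHERE clause and
     * bound as a parameter. Call inside an active transaction.
     */
    public static int archiveOlderThan(Session session, long ownerId, Date cutoff) {
        return session.createQuery(
                "update Document d set d.archived = true "
              + "where d.createdOn < :cutoff and d.ownerId = :ownerId")
            .setParameter("cutoff", cutoff)
            .setParameter("ownerId", ownerId)
            .executeUpdate();
    }

    /** Same pattern for a bulk delete; returns the number of rows removed. */
    public static int deleteArchived(Session session, long ownerId) {
        return session.createQuery(
                "delete from Document d "
              + "where d.archived = true and d.ownerId = :ownerId")
            .setParameter("ownerId", ownerId)
            .executeUpdate();
    }
}
```

Routing every bulk statement through helpers like these gives one place to review for a missing owner predicate; the row counts returned by `executeUpdate()` can be logged to spot statements that touched more rows than the user's view contains.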