On Wed, Mar 27, 2013 at 5:48 PM, Carsten Ziegeler <[email protected]> wrote: > ...What about a neutral name? It's up to the implementation whether it > optimizes or sanitizes - transformQuery maybe?...
Works for me, suggested javadoc: ** Allows the ResourceProvider to transform the query based on the current user's credentials. Can be used to narrow down queries to omit results that the current user is not allowed to see anyway, speeding up downstream access control. Query transformations are not critical w.r.t access control as results are checked using the canRead.. methods anyway. *** -Bertrand
