private void validateCredentialsForReading(EntityDto entity) { boolean authorized = false; SecurityMode securityMode = entity.getSecurityMode(); SecurityMode readOnlySecurityMode = entity.getReadOnlySecurityMode(); if (securityMode != null) { Set<String> securityMembers = entity.getSecurityMembers(); authorized = entity.hasAccessToEntityFromSecurityMode(securityMode, securityMembers); if (!authorized) { if (readOnlySecurityMode != null) { Set<String> readOnlySecurityMembers = entity.getReadOnlySecurityMembers(); authorized = entity.hasAccessToEntityFromSecurityMode( readOnlySecurityMode, readOnlySecurityMembers); if (isAuthorizedByReadAccessOrIsInstanceRestriction( authorized, readOnlySecurityMode, securityMode)) { throw new SecurityException(); } } } } if (!authorized && readOnlySecurityMode != null) { Set<String> readOnlySecurityMembers = entity.getReadOnlySecurityMembers(); authorized = entity.hasAccessToEntityFromSecurityMode(readOnlySecurityMode, readOnlySecurityMembers); if (!authorized && !readOnlySecurityMode.isInstanceRestriction()) { throw new SecurityException(); } } }