Implement role-based views API endpoints
- Introduction of a global
viewas
query parameter forGET
requests. - The security system checks if the current user is allowed to view the object as the specified role.
- A Jackson JsonView (
Public.class
,Owner.class
,Admin.class
) is chosen based on this parameter to select properties for inclusion in serialization.