...
Implementation of the Open registry may want to restrict the search results based on authorized principal's granted authority. This is must be done at service layer. Necessary configuration has been made in the security context to create spring security aop proxies to apply the pre/post filtration/authorization on the service layer. Security trimming is done by the following annotation in the default person service
@PostFilter("hasPermission(filterObject, 'read')")
Default Implementation of permission evaluation has been provided in the class org.openregistry.core.service.security.auth.PermissionEvaluatorDefaultPermissionEvaluator
That returns true i.e. doesn't apply security criteria on the service layer.
...