1👍
If you take a look at the official documentation of Play, than they have a few examples for handling Security.
Quickly adapting the example code to your needs:
def permissionNeeded(group: String)(f: User=> Request[AnyContent] => Result) = withAuth { username => implicit request =>
UserDao.findOneByUsername(username).flatMap { user =>
PermissionDao.hasPermission(user, group).map {
permissionedUser => f(permissionedUser)(request)
}
}.getOrElse(onUnauthorized(request))
}
An example controller method would look like this:
def user() = permissionNeeded("polls.can_vote") { user => implicit request =>
val username = user.username
Ok(html.user(user))
}
If you would like to use annotations, then you’ll have to look into AspectJ and Scala.
Source:stackexchange.com