public void process(final Request request) {
final String id = request.getOptionalProperty(OBJECT);
final String fieldName = request.getRequiredProperty(FIELD);
final ObjectAdapter object = request.getContext().getMappedObjectOrResult(id);
if (object == null) {
throw new ScimpiException("No object to get field for: " + fieldName + " - " + id);
}
final ObjectAssociation field = object.getSpecification().getAssociation(fieldName);
if (field == null) {
throw new ScimpiException("No field " + fieldName + " in " + object.getSpecification().getFullIdentifier());
}
final AuthenticationSession session = IsisContext.getAuthenticationSession();
if (field.isVisible(session, object, where).isVetoed()) {
throw new ForbiddenException(field, ForbiddenException.VISIBLE);
}