I'm trying to do an or in an @PostAuthorize and I keep getting
Failed to evaluate expression 'returnObject.login == principal.username or hasPermission(returnObject,'read')'
It works fine if my logged in user has the same username as the returnObject field. The second part after the or worked fine by itself but I need to check for both. Can anyone tell me what I'm missing here?