SpringSecurityService springSecurityService
private securityClosure(Long id, Map p) { (1)
if (!id && !p) return true
if (!id) return true
canEdit(User.read(id))
}
@PostConstruct
void init() {
TaackUiEnablerService.securityClosure(
this.&securityClosure, (2)
CrewController.&editUser as MC, (3)
CrewController.&saveUser as MC)
}
Table of Contents
Spring Security
Taack-ui framework check @Secured
annotation on actions to display access links and icons. Menu entries, links, action buttons disappear when the user is not granted.
More fine-grained approach
A central place can manage more complex cases allowing or not access to an action.
Code Managing Action Access
1 | Params include user id and action params |
2 | Register an access constraints |
3 | Actions concerned by this access contraints |