@grails.compiler.GrailsCompileStatic class TaackUiEnablerService extends java.lang.Object implements grails.web.api.WebAttributes
Service enabling to predict if an action is allowed to the end user. This service allows to remove actions links (buttons and links) if the target action is not allowed with those parameters to the end user.
@PostConstruct
void init() {
TaackUiEnablerService.securityClosure(
{ Long id, Map p ->
if (!id && !p) return true
def task = TaskHistory.read(id ?: p['id'] as Long)
def u = springSecurityService.currentUser as User
if (task.userCreated == u) true
else if (task.reporter == u) true
else if (task.assignee?.allUser?.contains(u)) true
else false
,
MkgController.&editTaskAction as MethodClosure,
MkgController.&selectLinkedTask as MethodClosure,
MkgController.&saveLinkedTask as MethodClosure,
MkgController.&addTaskAttachment as MethodClosure)
}
}
Type | Name and description |
---|---|
org.springframework.security.web.access.WebInvocationPrivilegeEvaluator |
webInvocationPrivilegeEvaluator |
Constructor and description |
---|
TaackUiEnablerService
() |
Type Params | Return Type | Name and description |
---|---|---|
|
void |
checkAccess() Disallow continuing to execute the action, throwing a AccessDeniedException exception, if user is not allowed to execute the action as predicted. |
|
boolean |
hasAccess(java.lang.String controller, java.lang.String action, java.lang.Long id, java.util.Map params) Check if the action is allowed |
|
boolean |
hasAccess(org.codehaus.groovy.runtime.MethodClosure methodClosure, java.lang.Long id, java.util.Map params) see hasAccess(String, String, Long, java.util.Map) |
|
boolean |
hasAccess(org.codehaus.groovy.runtime.MethodClosure methodClosure, java.util.Map params) see hasAccess(String, String, Long, java.util.Map) |
|
static void |
securityClosure(groovy.lang.Closure closure, org.codehaus.groovy.runtime.MethodClosure[] actions) Execute the closure if the actions are a target of a link. |
Methods inherited from class | Name |
---|---|
class java.lang.Object |
java.lang.Object#wait(long, int), java.lang.Object#wait(), java.lang.Object#wait(long), java.lang.Object#equals(java.lang.Object), java.lang.Object#toString(), java.lang.Object#hashCode(), java.lang.Object#getClass(), java.lang.Object#notify(), java.lang.Object#notifyAll() |
Disallow continuing to execute the action, throwing a AccessDeniedException exception, if user is not allowed to execute the action as predicted.
Check if the action is allowed
see hasAccess(String, String, Long, java.util.Map) @return
see hasAccess(String, String, Long, java.util.Map) @return
Execute the closure if the actions are a target of a link. If the closure returns true, the action is allowed, if false, it cannot be reached.
closure
- must return true or falseactions
- list of actions that are secured by the closureGroovy Documentation