source: trunk/grails-app/controllers/BaseController.groovy @ 34

Last change on this file since 34 was 34, checked in by duh, 10 years ago

-removed testing authorization code
-looking at 'apache shiro' and / or nimble

  • Property svn:keywords set to Date Author Rev
File size: 1.9 KB
[8]1import org.codehaus.groovy.grails.commons.GrailsApplication
[7]2import grails.util.GrailsUtil
3
[5]4/**
[8]5 * Base Controller
[5]6 * @Author  Jeroen Wesbeek
7 * @Since   20091014
[13]8 * @see     Authorization.groovy
[5]9 * @Description
10 *
[12]11 * Base Controller which provides general functionality. Should always be
12 * extended in all controllers
[5]13 *
14 * Revision information:
15 * $Rev: 34 $
16 * $Author: duh $
17 * $Date: 2009-10-27 12:32:34 +0000 (di, 27 okt 2009) $
18 */
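class BaseController {
    /**
     * Authorization service consulted by beforeInterceptor.
     *
     * NOTE(review): nothing in this class assigns this field (the
     * instantiation in the constructor is commented out). A Groovy member
     * declared with an explicit 'public' modifier is a plain field rather
     * than a property, so by-name service injection may not populate it;
     * confirm how it is set. The interceptor denies the request while it
     * is null.
     */
    public def authorizationService;

    /**
     * Scaffolding flag; the constructor overwrites this default.
     */
    def scaffold = false;

    /**
     * Class constructor: logs the instantiation and decides whether
     * scaffolding is enabled for this controller.
     */
    BaseController() {
        // debug line for now
        printf("instantiated %s\n", this.class.name);

        // instantiate Authorization service
        //this.authorizationService = new AuthorizationService();

        // scaffolding is enabled only in the development environment, and
        // never for BaseController itself
        this.scaffold = (GrailsUtil.environment == GrailsApplication.ENV_DEVELOPMENT && this.class.name != 'BaseController');
    }

    /**
     * Intercepts every action call in extending controllers and enforces
     * the authorization check before the action runs.
     *
     * Returns false when the call is not authorized. A Grails before
     * interceptor only stops the intercepted action when it returns false;
     * issuing a redirect alone does not prevent the action from executing.
     *
     * @see http://www.grails.org/Controllers+-+Interceptors
     */
    def beforeInterceptor = {
        // NOTE(review): both values are read from the request parameter map;
        // confirm they cannot differ from the action that is dispatched
        // (the controllerName / actionName properties may be a safer source).
        def controller = params.controller;
        def action = params.action;

        // Fail closed: a missing service (null) is treated as "not authorized"
        // instead of raising a NullPointerException.
        if (this.authorizationService?.isAuthorized(controller, action)) {
            // user is authorized to use this controller + method
            printf("authorized call to action: %s->%s(...)\n", this.class.name, action);
            return true;
        }

        // user is not authorized to use this controller + method
        printf("!! unauthorized call to action: %s-->%s(...)\n", this.class.name, action);

        // redirect to error page
        // NOTE(review): the message embeds request-supplied values; the error
        // view should HTML-encode flash.error when rendering it.
        flash['error'] = sprintf("unauthorized call to action: %s::%s\n", controller, action);
        redirect(controller: 'error', action: 'index');

        // stop the intercepted action from executing
        return false;
    }
}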