1 | import org.codehaus.groovy.grails.commons.GrailsApplication |
---|
2 | import grails.util.GrailsUtil |
---|
3 | |
---|
4 | /** |
---|
5 | * Base Controller |
---|
6 | * @Author Jeroen Wesbeek |
---|
7 | * @Since 20091014 |
---|
8 | * @see Authorization.groovy |
---|
9 | * @Description |
---|
10 | * |
---|
11 | * Base Controller which provides general functionality. Should always be |
---|
12 | * extended in all controllers |
---|
13 | * |
---|
14 | * Revision information: |
---|
15 | * $Rev: 29 $ |
---|
16 | * $Author: duh $ |
---|
17 | * $Date: 2009-10-26 13:00:46 +0000 (ma, 26 okt 2009) $ |
---|
18 | */ |
---|
19 | class BaseController { |
---|
20 | /** |
---|
21 | * @var object authorization object |
---|
22 | * @visibility public |
---|
23 | */ |
---|
24 | public def authorizationService; |
---|
25 | |
---|
26 | /** |
---|
27 | * @var boolean scaffolding default |
---|
28 | * @visibility public |
---|
29 | */ |
---|
30 | def scaffold = false; |
---|
31 | |
---|
32 | /** |
---|
33 | * class constructor |
---|
34 | * @visibility protected |
---|
35 | * @void |
---|
36 | */ |
---|
37 | BaseController() { |
---|
38 | // debug line for now |
---|
39 | printf("instantiated %s\n",this.class.name); |
---|
40 | |
---|
41 | // instantiate Authorization service |
---|
42 | this.authorizationService = new AuthorizationService(); |
---|
43 | |
---|
44 | // dynamically set scaffolding |
---|
45 | this.scaffold = (GrailsUtil.environment == GrailsApplication.ENV_DEVELOPMENT && this.class.name != 'BaseController'); |
---|
46 | } |
---|
47 | |
---|
48 | |
---|
49 | /** |
---|
50 | * intercept any method calls in extended classes |
---|
51 | * @visibility public |
---|
52 | * @see http://www.grails.org/Controllers+-+Interceptors |
---|
53 | */ |
---|
54 | def beforeInterceptor = { |
---|
55 | def controller = params.controller; |
---|
56 | def action = params.action; |
---|
57 | |
---|
58 | // check if the user is Authorized to call this method |
---|
59 | if (this.authorizationService.isAuthorized(controller,action)) { |
---|
60 | // user is not authorized to use this functionality |
---|
61 | printf("authorized call to action: %s->%s(...)\n",this.class.name,action); |
---|
62 | } else { |
---|
63 | // user is not authorized to use this controller + method |
---|
64 | printf("!! unauthorized call to action: %s-->%s(...)\n",this.class.name,action); |
---|
65 | |
---|
66 | // redirect to error page |
---|
67 | flash['error'] = sprintf("unauthorized call to action: %s::%s\n",controller,action); |
---|
68 | redirect(controller:'error',action:'index'); |
---|
69 | } |
---|
70 | } |
---|
71 | } |
---|