Changeset 12


Ignore:
Timestamp:
Oct 19, 2009, 4:00:15 PM (9 years ago)
Author:
duh
Message:

Updated the BaseController? to incorporate basic authentication (not yet implemented) to capture all method ( = controller and action ) calls. For now is authorizes everything, to be continued...

Location:
trunk/grails-app
Files:
4 added
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/grails-app/controllers/BaseController.groovy

    r8 r12  
    11import org.codehaus.groovy.grails.commons.GrailsApplication
    22import grails.util.GrailsUtil
     3//import org.apache.log4j.*
    34
    45/**
     
    89 * @Description
    910 *
    10  * Base Controller which provides general functionality
     11 * Base Controller which provides general functionality. Should always be
     12 * extended in all controllers
    1113 *
    1214 * Revision information:
     
    1719class BaseController {
    1820    /**
    19      * Turn scaffolding on or off
     21     * @var object authorization object
     22     * @visibility public
    2023     */
    21     def scaffold = (GrailsUtil.environment == GrailsApplication.ENV_DEVELOPMENT && this.class.name != 'DebugController');
     24    public def Authorization;
     25    public def scaffold = false;
    2226
    2327    /**
    24      * Render default output to the browser, overload this method to suit your needs
     28     * class constructor
     29     * @void
    2530     */
    26     def index = {
    27         render(sprintf("%s @ %s environment :: nothing to see here! :)",this.class.name,GrailsUtil.environment));
     31    protected BaseController() {
     32        // instantiate Authorization class
     33        this.Authorization = new Authorization();
     34
     35        // dynamically set scaffolding
     36        this.scaffold = (GrailsUtil.environment == GrailsApplication.ENV_DEVELOPMENT && this.class.name != 'BaseController');
     37    }
     38
     39    /**
     40     * Render default output to the browser, overload this in extended classes
     41     * @void
     42     */
     43    def index = {
     44        render(sprintf("default index for %s @ %s environment :: nothing to see here! :)",this.class.name,GrailsUtil.environment));
    2845    }
    2946
     
    3249     * @see http://www.grails.org/Controllers+-+Interceptors
    3350     */
    34     def beforeInterceptor = [action:this.&auth,except:'login']
     51    def beforeInterceptor = {
     52        def controller = params.controller;
     53        def action = params.action;
     54       
     55        // check if the user is Authorized to call this method
     56        if (Authorization.isAuthorized(controller,action)) {
     57            // user is not authorized to use this functionality
     58            printf("authorized call to action: %s->%s(...)\n",controller,action);
     59        } else {
     60            // user is not authorized to use this functionality
     61            printf("!! unauthorized call to action: %s-->%s(...)\n",controller,action);
    3562
    36     /**
    37      * after interception
    38      * @see http://www.grails.org/Controllers+-+Interceptors
    39      */
    40     def afterInterceptor = { model, modelAndView ->
    41         println "Current view is ${modelAndView.viewName}"
    42         if(model.someVar) modelAndView.viewName = "/mycontroller/someotherview"
    43         println "View is now ${modelAndView.viewName}"
    44     }
    45 
    46     /**
    47      * authentication method
    48      */
    49     def auth() {
    50         if(!session.user) {
    51             redirect(action:'login')
    52             return false
     63            // redirect to error page
     64            flash['error'] = sprintf("unauthorized call to action: %s::%s\n",controller,action);
     65            redirect(controller:'error',action:'index');
    5366        }
    5467    }
    5568
    5669    /**
    57      * login method
     70     * after interception
     71     * @param object model
     72     * @param object modelAndView
     73     * @see http://www.grails.org/Controllers+-+Interceptors
    5874     */
    59     def login = {
    60         // display login page
    61         println "render login...";
     75    def afterInterceptor = {
     76        // nothing here yet
    6277    }
    6378}
Note: See TracChangeset for help on using the changeset viewer.