Changeset 15


Timestamp:
Oct 21, 2009, 1:04:41 PM (13 years ago)
Author:
duh
Message:

-added initial implementation of authorization code

Location:
trunk
Files:
20 added
1 deleted
7 edited
1 moved

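--- a/trunk/application.properties
+++ b/trunk/application.properties
@@ -1,5 +1,6 @@
 #utf-8
-#Fri Oct 16 23:34:11 CEST 2009
+#Wed Oct 21 11:40:24 CEST 2009
 app.version=0.1
+plugins.jquery=1.3.2.4
 app.servlet.version=2.4
 app.grails.version=1.1.1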
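--- a/trunk/grails-app/conf/BootStrap.groovy
+++ b/trunk/grails-app/conf/BootStrap.groovy
@@ -1,5 +1,64 @@
+import org.codehaus.groovy.grails.commons.GrailsApplication
+import grails.util.GrailsUtil
+
+/**
+ * Application Bootstrapper
+ * @Author  Jeroen Wesbeek
+ * @Since   20091021
+ *
+ * Revision information:
+ * $Rev$
+ * $Author$
+ * $Date$
+ */
 class BootStrap {
+     def init = { servletContext ->
+         // check if we're in development
+         if (GrailsUtil.environment == GrailsApplication.ENV_DEVELOPMENT) {
+             printf("development bootstrapping....\n\n");
 
-     def init = { servletContext ->
+             // add roles
+             def AuthRole1 = new AuthRole(name:'Administrator', description:'Super user').save();
+             def AuthRole2 = new AuthRole(name:'Group Administrator', description:'Group Super user').save();
+             def AuthRole3 = new AuthRole(name:'Study Owner', description:'The creator of a study').save();
+             
+             // add actions
+             def AuthAction1 = new AuthAction(controller:'test', action:'index').save();
+             def AuthAction2 = new AuthAction(controller:'test', action:'sayHello').save();
+             def AuthAction3 = new AuthAction(controller:'test', action:'sayWeather').save();
+             
+             // authorize super user for everything
+             AuthRole1.addToActions(AuthAction1).save();
+             AuthRole1.addToActions(AuthAction2).save();
+             AuthRole1.addToActions(AuthAction3).save();
+
+             // authorize group admin only for index and hello
+             AuthRole2.addToActions(AuthAction1).save();
+             AuthRole2.addToActions(AuthAction2).save();
+
+             // authorize study owner only for index
+             AuthRole3.addToActions(AuthAction1).save();
+
+             // add users
+             def User1 = new AuthUser(username:'admin', password:'admin', firstName:'super', lastName:'User', email:'info@osx.eu').save();
+             def User2 = new AuthUser(username:'duh', password:'duh', firstname:'Jeroen', lastname:'Wesbeek', email:'j.a.m.wesbeek@umail.leidenuniv.nl').save();
+
+             // add group structure
+             def AuthGroup1 = new AuthGroup(name:'root', description:'the root of everything').save();
+             def AuthGroup2 = new AuthGroup(name:'TNO', description:'TNO - nation wide company').save();
+             def AuthGroup3 = new AuthGroup(name:'KVL', description:'TNO - quality of life').save();
+             def AuthGroup4 = new AuthGroup(name:'BSC', description:'BioSciences').save();
+
+             // create group tree 4 -> 3 -> 2 -> 1
+             AuthGroup4.addToGroups(AuthGroup3).save();
+             AuthGroup3.addToGroups(AuthGroup2).save();
+             AuthGroup2.addToGroups(AuthGroup1).save();
+
+             // add users to groups
+             //User1.addToGroups(AuthGroup1).save();
+             //User2.addToGroups(AuthGroup4).save();
+
+             
+         }
      }
      def destroy = {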
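Review bot: The two seeded accounts at new lines 43–44 use passwords equal to their usernames (`password:'admin'`, `password:'duh'`) and hand them to `AuthUser` as literals, so unless the domain class hashes on save (it is not visible here) they are stored in clear text. The `ENV_DEVELOPMENT` guard keeps this out of other environments, but a development database that is copied or exposed still carries a known administrator login; taking the seed password from configuration, or generating one at startup and printing it once, removes that. The second user is also built with `firstname:`/`lastname:` where the first uses `firstName:`/`lastName:`, so one of the two spellings presumably does not match the `AuthUser` properties. None of the `save()` results are checked, so a failed validation would leave a null that only surfaces later at an `addToActions` or `addToGroups` call; a short `assert User2 != null` style check after each seed object would make that visible.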
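--- a/trunk/grails-app/controllers/BaseController.groovy
+++ b/trunk/grails-app/controllers/BaseController.groovy
@@ -1,5 +1,4 @@
 import org.codehaus.groovy.grails.commons.GrailsApplication
 import grails.util.GrailsUtil
-//import org.apache.log4j.*
 
 /**
@@ -23,14 +22,23 @@
      * @visibility public
      */
-    public def Authorization;
-    public def scaffold = false;
+    public def authorizationService;
+
+    /**
+     * @var boolean scaffolding default
+     * @visibility public
+     */
+    def scaffold = false;
 
     /**
      * class constructor
+     * @visibility protected
      * @void
      */
     protected BaseController() {
-        // instantiate Authorization class
-        this.Authorization = new Authorization();
+        // debug line for now
+        printf("instantiated %s\n",this.class.name);
+
+        // instantiate Authorization service
+        this.authorizationService = new AuthorizationService();
 
         // dynamically set scaffolding
@@ -39,13 +47,6 @@
 
     /**
-     * Render default output to the browser, overload this in extended classes
-     * @void
-     */
-    def index = {
-        render(sprintf("default index for %s @ %s environment :: nothing to see here! :)",this.class.name,GrailsUtil.environment));
-    }
-
-    /**
      * intercept any method calls in extended classes
+     * @visibility public
      * @see http://www.grails.org/Controllers+-+Interceptors
      */
@@ -53,12 +54,12 @@
         def controller = params.controller;
         def action = params.action;
-       
+
         // check if the user is Authorized to call this method
-        if (Authorization.isAuthorized(controller,action)) {
+        if (this.authorizationService.isAuthorized(controller,action)) {
             // user is not authorized to use this functionality
-            printf("authorized call to action: %s->%s(...)\n",controller,action);
+            printf("authorized call to action: %s->%s(...)\n",this.class.name,action);
         } else {
-            // user is not authorized to use this functionality
-            printf("!! unauthorized call to action: %s-->%s(...)\n",controller,action);
+            // user is not authorized to use this controller + method
+            printf("!! unauthorized call to action: %s-->%s(...)\n",this.class.name,action);
 
             // redirect to error page
@@ -67,13 +68,3 @@
         }
     }
-
-    /**
-     * after interception
-     * @param object model
-     * @param object modelAndView
-     * @see http://www.grails.org/Controllers+-+Interceptors
-     */
-    def afterInterceptor = {
-        // nothing here yet
-    }
 }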
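Review bot: The constructor at new line 42 builds the service by hand with `this.authorizationService = new AuthorizationService();`, which gives each controller instance its own object outside the Spring container; a property named `authorizationService` is normally filled by Grails' by-name injection, so the assignment can be dropped and the field left for the framework. A hand-built instance will not receive any collaborators the service later needs for the user and session lookup that its own comments describe. In the interceptor, the comment inside the authorized branch (new line 59) still reads `// user is not authorized to use this functionality` and should become `// user is authorized to use this functionality`. The check is keyed on `params.action`, which may be unset when a controller's default action is requested; that is worth confirming, and `actionName` is the safer input if so. The interceptor starts and ends outside the visible hunks, so whether the unauthorized branch returns `false` after the redirect cannot be confirmed from here.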
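--- a/trunk/grails-app/controllers/ErrorController.groovy
+++ b/trunk/grails-app/controllers/ErrorController.groovy
@@ -9,5 +9,5 @@
  * $Date$
  */
-public class ErrorController {
+public class ErrorController extends BaseController {
     /**
      * render the flash message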
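Review bot: Making `ErrorController` extend `BaseController` puts the error page itself behind the authorization interceptor, while the unauthorized branch in `BaseController` (judging by its `// redirect to error page` comment) sends denied requests to that same page. The bootstrap data in this changeset grants actions only on the `test` controller, so if `isAuthorized` denies the error controller's action, a denied request would be redirected again and again. The error controller should be exempt from the check, either by overriding the interceptor in this class or by having the service treat its actions as public, and a class comment such as `// error pages must stay reachable for unauthenticated and unauthorized users` would record why. The class body continues outside the hunk.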
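--- a/trunk/grails-app/controllers/TestController.groovy
+++ b/trunk/grails-app/controllers/TestController.groovy
@@ -15,6 +15,27 @@
      */
     public def TestController() {
-        // debug line for now
-        printf("instantiated %s\n",this.class.name);
+        // nothing yet
+    }
+
+    /**
+     * render dummy text when executed
+     * @void
+     */
+    def index = {
+        render(sprintf("this is %s",this.class.name));
+    }
+
+    /**
+     * dummy method
+     */
+    def sayHello = {
+        render("Hello World!");
+    }
+
+    /**
+     * another dummy method
+     */
+    def sayWeather = {
+        render("The weather is pretty good!");
     }
 }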
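--- a/trunk/grails-app/services/AuthorizationService.groovy
+++ b/trunk/grails-app/services/AuthorizationService.groovy
@@ -9,10 +9,10 @@
  * $Date$
  */
-public class Authorization {
+public class AuthorizationService {
     /**
      * class constructor
      * @void
      */
-    public def Authorization() {
+    public def AuthorizationService() {
         // debug line for now
         printf("instantiated %s\n",this.class.name);
@@ -23,5 +23,5 @@
      * @return boolean
      */
-    def isAuthorized(controller,action) {
+    public def isAuthorized(controller,action) {
         // logic should be implemented here containing:
         //      user / sessions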
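Review bot: `isAuthorized(controller,action)` at new line 25 is now the public decision point for every controller, yet its signature carries no user or session, and the body comments at new lines 26–27 say that logic is still to be written. The return statement lies outside the hunk; while the lookup is unimplemented the method should deny by default, for example `return false`, so that a missing rule can never grant access. The Javadoc above it could state that contract by adding `@param controller` and `@param action` and by spelling out what `@return boolean` means when no rule matches.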
  • trunk/web-app

    • Property svn:ignore set to
      plugins
  • trunk/web-app/js

    • Property svn:ignore set to
      jquery