Ignore:
Timestamp:
Oct 21, 2009, 1:04:41 PM (10 years ago)
Author:
duh
Message:

-added initial implementation of authorization code

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/grails-app/controllers/BaseController.groovy

    r13 r15  
    11import org.codehaus.groovy.grails.commons.GrailsApplication
    22import grails.util.GrailsUtil
    3 //import org.apache.log4j.*
    43
    54/**
     
    2322     * @visibility public
    2423     */
    25     public def Authorization;
    26     public def scaffold = false;
     24    public def authorizationService;
     25
     26    /**
     27     * @var boolean scaffolding default
     28     * @visibility public
     29     */
     30    def scaffold = false;
    2731
    2832    /**
    2933     * class constructor
     34     * @visibility protected
    3035     * @void
    3136     */
    3237    protected BaseController() {
    33         // instantiate Authorization class
    34         this.Authorization = new Authorization();
     38        // debug line for now
     39        printf("instantiated %s\n",this.class.name);
     40
     41        // instantiate Authorization service
     42        this.authorizationService = new AuthorizationService();
    3543
    3644        // dynamically set scaffolding
     
    3947
    4048    /**
    41      * Render default output to the browser, overload this in extended classes
    42      * @void
    43      */
    44     def index = {
    45         render(sprintf("default index for %s @ %s environment :: nothing to see here! :)",this.class.name,GrailsUtil.environment));
    46     }
    47 
    48     /**
    4949     * intercept any method calls in extended classes
     50     * @visibility public
    5051     * @see http://www.grails.org/Controllers+-+Interceptors
    5152     */
     
    5354        def controller = params.controller;
    5455        def action = params.action;
    55        
     56
    5657        // check if the user is Authorized to call this method
    57         if (Authorization.isAuthorized(controller,action)) {
     58        if (this.authorizationService.isAuthorized(controller,action)) {
    5859            // user is not authorized to use this functionality
    59             printf("authorized call to action: %s->%s(...)\n",controller,action);
     60            printf("authorized call to action: %s->%s(...)\n",this.class.name,action);
    6061        } else {
    61             // user is not authorized to use this functionality
    62             printf("!! unauthorized call to action: %s-->%s(...)\n",controller,action);
     62            // user is not authorized to use this controller + method
     63            printf("!! unauthorized call to action: %s-->%s(...)\n",this.class.name,action);
    6364
    6465            // redirect to error page
     
    6768        }
    6869    }
    69 
    70     /**
    71      * after interception
    72      * @param object model
    73      * @param object modelAndView
    74      * @see http://www.grails.org/Controllers+-+Interceptors
    75      */
    76     def afterInterceptor = {
    77         // nothing here yet
    78     }
    7970}
Note: See TracChangeset for help on using the changeset viewer.