source: trunk/grails-app/controllers/AppCoreController.groovy @ 439

Last change on this file since 439 was 439, checked in by gav, 15 years ago

Small security adjustment to allow business manager to read application log file.

File size: 6.5 KB
RevLine 
[59]1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
[358]2import org.codehaus.groovy.grails.commons.*
[59]3
[237]4/**
5* Controller class for the application core views.
6*/
[59]7class AppCoreController extends BaseController {
8
[291]9    def authService
[258]10    def appConfigService
[149]11    def createDataService
[258]12    def createBulkDataService
[71]13
[139]14    def index = { redirect(action:start,params:params) }
[59]15
16    // the delete, save and update actions only accept POST requests
17    //def allowedMethods = [delete:'POST', save:'POST', update:'POST']
18
[139]19    /**
20    * This is where we arrive after login.
21    *  Attach the welcome flash message and redirect to where ever we want the user to start.
22    * e.g. redirect(controller:"taskDetailed", action:"search")
23    */
[127]24    def welcome = {
[291]25        def personInstance = authService.currentUser
[127]26        flash.message = "Welcome, ${personInstance.firstName} ${personInstance.lastName}."
27
28        def sess = getSession()
29        sess.setMaxInactiveInterval(personInstance.sessionTimeout)
[139]30        redirect(action:start)
[127]31    }
32
[237]33    /**
34    * Render the start view.
35    */
[139]36    def start = {
[59]37    }
38
[237]39    /**
40    * Allow a person to change their session timeout setting.
41    */
[127]42    def changeSessionTimeout = {
43        if (request.method == 'GET') {
[291]44            def personInstance = authService.currentUser
[127]45            return [ personInstance : personInstance ]       
46        }
47        if (request.method == 'POST') {
[291]48            def personInstance = authService.currentUser
[127]49                personInstance.properties = params
[178]50                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
[127]51                    def sess = getSession()
52                    sess.setMaxInactiveInterval(personInstance.sessionTimeout)
53                    flash.message = "Session timeout changed."
[139]54                    redirect(action:start)
[127]55                }
56                else {
57                    render(view:'changeSessionTimeout',model:[personInstance:personInstance])
58                }
59        }
[149]60    }
[127]61
[237]62    /**
63    * Allow a person to change their password.
64    */
[73]65    def changePassword = {
66        //def principal = authenticateService.principal()
[307]67        //log.info principal.getAuthorities()
[73]68
69        if (request.method == 'GET') {
[291]70            def personInstance = authService.currentUser
[73]71            return [ personInstance : personInstance ]       
[150]72        }
[73]73
74        if (request.method == 'POST') {
[291]75            def personInstance = authService.currentUser
[73]76
[99]77            if(params.confirmPass == params.pass) {
[98]78                personInstance.pass = params.pass
[310]79                personInstance.password = authService.encodePassword(personInstance.pass)
[98]80
[178]81                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
[98]82                    //userCache.removeUserFromCache(personInstance.loginName)
83                    flash.message = "Password changed successfully."
[139]84                    redirect(action:start)
[98]85                }
86                else {
87                    render(view:'changePassword',model:[personInstance:personInstance])
88                }
[73]89            }
90            else {
[99]91                personInstance.errors.reject('person.pass.doesNotMatch',            // Error code, see grails-app/i18n/message.properties
92                                                                ['pass', 'class Person'].toArray(),      // Groovy ListArray cast to Object[]
93                                                                 '[NothingUseMessageProperites]')  // Default mapping string.
[73]94                render(view:'changePassword',model:[personInstance:personInstance])
[98]95            }
[149]96
97        }
[73]98    }
99
[237]100    /**
101    * Render the manager view for manager or admin roles.
102    */
[298]103    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
[91]104    def manager = {
105    }
[73]106
[237]107    /**
108    * Render the appAdmin view for admin roles.
109    */
[149]110    @Secured(['ROLE_AppAdmin'])
[106]111    def appAdmin = {
[237]112
113        def offerBaseDataCreation = false
114        def offerDemoDataCreation = false
115        def baseDataCreated = appConfigService.exists("baseDataCreated")
116        def demoDataCreated = appConfigService.exists("demoDataCreated")
117        def demoDataCreationDisabled = appConfigService.exists("demoDataCreationDisabled")
118
119        if(!baseDataCreated)
120            offerBaseDataCreation = true
121
122        if(baseDataCreated && !demoDataCreated && !demoDataCreationDisabled)
123            offerDemoDataCreation = true
124
125        return[baseDataCreated: baseDataCreated,
126                        demoDataCreated: demoDataCreated,
127                        offerDemoDataCreation: offerDemoDataCreation,
128                        offerBaseDataCreation: offerBaseDataCreation,
129                        demoDataCreationDisabled: demoDataCreationDisabled]
[59]130    }
131
[237]132    /**
133    * Allow admin to disable demo data creation.
134    */
[149]135    @Secured(['ROLE_AppAdmin'])
[237]136    def disableDemoDataCreation = {
137        if(!appConfigService.set("demoDataCreationDisabled")) {
138            flash.message = "Demo data creation could not be disabled."
139            redirect(action: appAdmin)
140            return
141        }
142
143        // Success.
144        flash.message = "Demo data creation disabled."
145        redirect(action: appAdmin)
146    }
147
148    /**
149    * Allow admin to create base data.
150    */
151    @Secured(['ROLE_AppAdmin'])
[149]152    def createBaseData = {
[237]153        if(!createDataService.createBaseData()) {
154            flash.message = "Base data could not be created."
155            redirect(action: appAdmin)
156            return
157        }
158
159        // Success.
160        flash.message = "Base data created."
161        redirect(action: appAdmin)
[149]162    }
163
[237]164    /**
165    * Allow admin to create demo data.
166    */
[149]167    @Secured(['ROLE_AppAdmin'])
168    def createDemoData = {
[237]169        if(!createDataService.createDemoData()) {
170            flash.message = "Demo data could not be created."
171            redirect(action: appAdmin)
172            return
173        }
174
175        // Success.
176        flash.message = "Demo data created."
177        redirect(action: appAdmin)
[149]178    }
179
[258]180    /**
181    * Allow admin to create bulk test data.
182    */
183    @Secured(['ROLE_AppAdmin'])
184    def createBulkTestData = {
185        if(!createBulkDataService.create()) {
186            flash.message = "Bulk test data could not be created."
187            redirect(action: appAdmin)
188            return
189        }
190
191        // Success.
192        flash.message = "Bulk test data created."
193        redirect(action: appAdmin)
194    }
195
[358]196    /**
197    * Render the application log file.
198    */
[439]199    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
[358]200    def appLog = {
201        def file = new File(ConfigurationHolder.config.log4j.appenders.appLog.file)
202
203        // Success.
204        [log: file.text]
205    }
206
[237]207} // end of class.
Note: See TracBrowser for help on using the repository browser.