source: trunk/grails-app/controllers/AppCoreController.groovy @ 439

Last change on this file since 439 was 439, checked in by gav, 15 years ago

Small security adjustment to allow business manager to read application log file.

File size: 6.5 KB
Line 
1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2import org.codehaus.groovy.grails.commons.*
3
4/**
5* Controller class for the application core views.
6*/
7class AppCoreController extends BaseController {
8
9    def authService
10    def appConfigService
11    def createDataService
12    def createBulkDataService
13
14    def index = { redirect(action:start,params:params) }
15
16    // the delete, save and update actions only accept POST requests
17    //def allowedMethods = [delete:'POST', save:'POST', update:'POST']
18
19    /**
20    * This is where we arrive after login.
21    *  Attach the welcome flash message and redirect to where ever we want the user to start.
22    * e.g. redirect(controller:"taskDetailed", action:"search")
23    */
24    def welcome = {
25        def personInstance = authService.currentUser
26        flash.message = "Welcome, ${personInstance.firstName} ${personInstance.lastName}."
27
28        def sess = getSession()
29        sess.setMaxInactiveInterval(personInstance.sessionTimeout)
30        redirect(action:start)
31    }
32
33    /**
34    * Render the start view.
35    */
36    def start = {
37    }
38
39    /**
40    * Allow a person to change their session timeout setting.
41    */
42    def changeSessionTimeout = {
43        if (request.method == 'GET') {
44            def personInstance = authService.currentUser
45            return [ personInstance : personInstance ]       
46        }
47        if (request.method == 'POST') {
48            def personInstance = authService.currentUser
49                personInstance.properties = params
50                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
51                    def sess = getSession()
52                    sess.setMaxInactiveInterval(personInstance.sessionTimeout)
53                    flash.message = "Session timeout changed."
54                    redirect(action:start)
55                }
56                else {
57                    render(view:'changeSessionTimeout',model:[personInstance:personInstance])
58                }
59        }
60    }
61
62    /**
63    * Allow a person to change their password.
64    */
65    def changePassword = {
66        //def principal = authenticateService.principal()
67        //log.info principal.getAuthorities()
68
69        if (request.method == 'GET') {
70            def personInstance = authService.currentUser
71            return [ personInstance : personInstance ]       
72        }
73
74        if (request.method == 'POST') {
75            def personInstance = authService.currentUser
76
77            if(params.confirmPass == params.pass) {
78                personInstance.pass = params.pass
79                personInstance.password = authService.encodePassword(personInstance.pass)
80
81                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
82                    //userCache.removeUserFromCache(personInstance.loginName)
83                    flash.message = "Password changed successfully."
84                    redirect(action:start)
85                }
86                else {
87                    render(view:'changePassword',model:[personInstance:personInstance])
88                }
89            }
90            else {
91                personInstance.errors.reject('person.pass.doesNotMatch',            // Error code, see grails-app/i18n/message.properties
92                                                                ['pass', 'class Person'].toArray(),      // Groovy ListArray cast to Object[]
93                                                                 '[NothingUseMessageProperites]')  // Default mapping string.
94                render(view:'changePassword',model:[personInstance:personInstance])
95            }
96
97        }
98    }
99
100    /**
101    * Render the manager view for manager or admin roles.
102    */
103    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
104    def manager = {
105    }
106
107    /**
108    * Render the appAdmin view for admin roles.
109    */
110    @Secured(['ROLE_AppAdmin'])
111    def appAdmin = {
112
113        def offerBaseDataCreation = false
114        def offerDemoDataCreation = false
115        def baseDataCreated = appConfigService.exists("baseDataCreated")
116        def demoDataCreated = appConfigService.exists("demoDataCreated")
117        def demoDataCreationDisabled = appConfigService.exists("demoDataCreationDisabled")
118
119        if(!baseDataCreated)
120            offerBaseDataCreation = true
121
122        if(baseDataCreated && !demoDataCreated && !demoDataCreationDisabled)
123            offerDemoDataCreation = true
124
125        return[baseDataCreated: baseDataCreated,
126                        demoDataCreated: demoDataCreated,
127                        offerDemoDataCreation: offerDemoDataCreation,
128                        offerBaseDataCreation: offerBaseDataCreation,
129                        demoDataCreationDisabled: demoDataCreationDisabled]
130    }
131
132    /**
133    * Allow admin to disable demo data creation.
134    */
135    @Secured(['ROLE_AppAdmin'])
136    def disableDemoDataCreation = {
137        if(!appConfigService.set("demoDataCreationDisabled")) {
138            flash.message = "Demo data creation could not be disabled."
139            redirect(action: appAdmin)
140            return
141        }
142
143        // Success.
144        flash.message = "Demo data creation disabled."
145        redirect(action: appAdmin)
146    }
147
148    /**
149    * Allow admin to create base data.
150    */
151    @Secured(['ROLE_AppAdmin'])
152    def createBaseData = {
153        if(!createDataService.createBaseData()) {
154            flash.message = "Base data could not be created."
155            redirect(action: appAdmin)
156            return
157        }
158
159        // Success.
160        flash.message = "Base data created."
161        redirect(action: appAdmin)
162    }
163
164    /**
165    * Allow admin to create demo data.
166    */
167    @Secured(['ROLE_AppAdmin'])
168    def createDemoData = {
169        if(!createDataService.createDemoData()) {
170            flash.message = "Demo data could not be created."
171            redirect(action: appAdmin)
172            return
173        }
174
175        // Success.
176        flash.message = "Demo data created."
177        redirect(action: appAdmin)
178    }
179
180    /**
181    * Allow admin to create bulk test data.
182    */
183    @Secured(['ROLE_AppAdmin'])
184    def createBulkTestData = {
185        if(!createBulkDataService.create()) {
186            flash.message = "Bulk test data could not be created."
187            redirect(action: appAdmin)
188            return
189        }
190
191        // Success.
192        flash.message = "Bulk test data created."
193        redirect(action: appAdmin)
194    }
195
196    /**
197    * Render the application log file.
198    */
199    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
200    def appLog = {
201        def file = new File(ConfigurationHolder.config.log4j.appenders.appLog.file)
202
203        // Success.
204        [log: file.text]
205    }
206
207} // end of class.
Note: See TracBrowser for help on using the repository browser.