Context Navigation

source: trunk/grails-app/controllers/PersonController.groovy @ 306

Last change on this file since 306 was 295, checked in by gav, 15 years ago
Authority add/remove logic in r294 not behaving as expected, fixed. Switch views back to using Authority desctiptions.
File size: 7.5 KB

Rev	Line
[62]	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
[58]	2
[149]	3	@Secured(['ROLE_Manager','ROLE_AppAdmin'])
[97]	4	class PersonController extends BaseAppAdminController {
[58]	5
[147]	6	def authenticateService
	7	def filterService
[58]	8
[150]	9	// the delete, save and update actions only accept POST requests
	10	static Map allowedMethods = [delete: 'POST', save: 'POST', update: 'POST']
[58]	11
[150]	12	def index = {
	13	redirect action: list, params: params
	14	}
[58]	15
[147]	16	def list = {
	17	params.max = Math.min( params.max ? params.max.toInteger() : 10, 100 )
[58]	18
[250]	19	if(!params.filter) {
	20	return [personList: Person.list(params),
	21	personTotal: Person.count(),
	22	filterParams: params]
	23	}
[147]	24
	25	// filterPane:
	26	return[ personList: filterService.filter( params, Person ),
	27	personTotal: filterService.count( params, Person ),
	28	filterParams: com.zeddware.grails.plugins.filterpane.FilterUtils.extractFilterParams(params),
	29	params:params ]
	30	}
	31
[150]	32	def show = {
[147]	33
	34	// In the case of an actionSubmit button, rewrite action name from 'index'.
	35	if(params._action_Show)
	36	{ params.action='show' }
	37
[150]	38	def person = Person.get(params.id)
	39	if (!person) {
	40	flash.message = "Person not found with id $params.id"
	41	redirect action: list
	42	return
	43	}
[295]	44	def authorityList = person.authorities.sort { p1, p2 -> p1.id <=> p2.id }
	45	[person: person, authorityList: authorityList]
[150]	46	}
[58]	47
[150]	48	/**
	49	* Person delete action. Before removing an existing person,
	50	* they should be removed from those authorities which they are involved.
	51	*/
	52	def delete = {
[58]	53
[150]	54	def person = Person.get(params.id)
	55	if (person) {
	56	def authPrincipal = authenticateService.principal()
	57	// Avoid self-delete.
	58	if (!(authPrincipal instanceof String) && authPrincipal.username == person.loginName) {
	59	flash.message = "You cannot delete yourself, please login as another manager and try again."
[147]	60	redirect(action:show,id:params.id)
[150]	61	}
	62	else {
	63	//first, delete this person from Persons_Authorities table.
	64	Authority.findAll().each { it.removeFromPersons(person) }
[147]	65	person.isActive = false
	66	person.save(flush: true)
	67
[97]	68	try {
[147]	69	person.delete(flush: true)
[91]	70	flash.message = "Person $params.id deleted."
[97]	71	redirect(action:list)
	72	}
	73	catch(org.springframework.dao.DataIntegrityViolationException e) {
	74	flash.message = "Could not delete '$person.loginName' due to database constraints, but all authorities have been removed."
	75	redirect(action:show,id:params.id)
	76	}
[150]	77	}
	78	}
	79	else {
	80	flash.message = "Person not found with id $params.id"
	81	}
	82	}
[58]	83
[150]	84	def edit = {
[58]	85
[147]	86	// In the case of an actionSubmit button, rewrite action name from 'index'.
	87	if(params._action_Edit)
	88	{ params.action='edit' }
	89
[150]	90	def person = Person.get(params.id)
	91	if (!person) {
	92	flash.message = "Person not found with id $params.id"
	93	redirect action: list
	94	return
	95	}
	96	params.message = "To allow login at least the 'ROLE_AppUser' authority must be given."
	97	return buildPersonModel(person)
	98	}
[58]	99
[150]	100	/**
[294]	101	* Person update action.
	102	*/
[150]	103	def update = {
[294]	104	Person.withTransaction { status ->
[58]	105
[294]	106	def person = Person.get(params.id)
	107	if (!person) {
	108	flash.message = "Person not found with id $params.id"
	109	redirect action: edit, id: params.id
	110	return
	111	}
[58]	112
[294]	113	long version = params.version.toLong()
	114	if (person.version > version) {
	115	person.errors.rejectValue 'version', "person.optimistic.locking.failure",
	116	"Another user has updated this Person while you were editing."
	117	render view: 'edit', model: buildPersonModel(person)
	118	return
	119	}
[58]	120
[294]	121	person.properties = params
	122	person.setPersonGroupsFromCheckBoxList(params.personGroups)
[73]	123
[294]	124	if(params.pass == "") {
	125	person.pass = "InsertNothingToClearValidation"
[73]	126	}
[294]	127	else {
	128	if (person.validate()) {
	129	person.password = authenticateService.encodePassword(params.pass)
	130	}
	131	}
[73]	132
[294]	133	if (!person.hasErrors() && person.save(flush: true)) {
[295]	134	addRemoveAuthorities(person)
[294]	135	flash.message = "Person '$params.id - $params.loginName' updated."
	136	redirect action: show, id: person.id
	137	}
	138	else {
	139	render view: 'edit', model: buildPersonModel(person)
	140	}
[73]	141
[294]	142	} //end withTransaction
	143	} // update()
[58]	144
[150]	145	def create = {
	146	params.message = "To allow login at least the 'ROLE_AppUser' authority must be given."
[294]	147	[person: new Person(params), authorityList: getLimitedAuthorityList()]
[150]	148	}
[58]	149
[150]	150	/**
[294]	151	* Person save action.
	152	*/
[150]	153	def save = {
[294]	154	Person.withTransaction { status ->
[58]	155
[294]	156	def person = new Person()
	157	person.properties = params
	158	person.password = authenticateService.encodePassword(params.pass)
	159	person.setPersonGroupsFromCheckBoxList(params.personGroups)
	160	if (person.save(flush: true)) {
[295]	161	addRemoveAuthorities(person)
[294]	162	redirect action: show, id: person.id
	163	}
	164	else {
	165	render view: 'create', model: [person: person, authorityList: getLimitedAuthorityList()]
	166	}
	167
	168	} //end withTransaction
[150]	169	}
[58]	170
[295]	171	/**
	172	* Add or remove authorities from person as indicated in params.
	173	*/
	174	private void addRemoveAuthorities(person) {
	175	def authMap = [:]
	176
	177	// Build authMap from params.
[294]	178	for (key in params.keySet()) {
[295]	179	if(key.startsWith("ROLE")) {
	180	authMap.(key.toString()) = "add"
	181	}
	182	else if(key.startsWith("_ROLE")) {
	183	if( !authMap.(key.substring(1)) ) authMap.(key.substring(1)) = "remove"
	184	}
[150]	185	}
[295]	186
	187	// Add or remove authorities.
	188	for(a in authMap) {
	189	if(a.value == "add")
	190	Authority.findByAuthority(a.key.toString()).addToPersons(person)
	191	else
	192	Authority.findByAuthority(a.key.toString()).removeFromPersons(person)
	193	}
[150]	194	}
[58]	195
[150]	196	private Map buildPersonModel(person) {
[58]	197
[294]	198	List roles = getLimitedAuthorityList()
[150]	199	Set userRoleNames = []
	200	for (role in person.authorities) {
	201	userRoleNames << role.authority
	202	}
	203	LinkedHashMap<Authority, Boolean> roleMap = [:]
	204	for (role in roles) {
	205	roleMap[(role)] = userRoleNames.contains(role.authority)
	206	}
[58]	207
[150]	208	return [person: person, roleMap: roleMap]
	209	}
[294]	210
	211	/**
	212	* Get the full authorityList if current user is an App Admin else leave that authority off the list.
	213	*/
[295]	214	private List getLimitedAuthorityList() {
[294]	215	def authorityList = []
	216	if(authenticateService.ifAnyGranted('ROLE_AppAdmin'))
[295]	217	authorityList = Authority.list().sort { p1, p2 -> p1.id <=> p2.id }
[294]	218	else
[295]	219	authorityList = Authority.withCriteria { gt("id", 1L) }.sort { p1, p2 -> p1.id <=> p2.id }
[294]	220
	221	return authorityList
	222	}
[295]	223	} // end class

Note: See TracBrowser for help on using the repository browser.

Download in other formats: