Ignore:
Timestamp:
Jan 22, 2010, 12:27:04 PM (16 years ago)
Author:
gav
Message:

Set some permissions on Site and Section controllers.
Detail some site views missed in last commit.

Location:
trunk/grails-app/controllers
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • trunk/grails-app/controllers/BaseAppAdminController.groovy

    r96 r289  
    33@Secured(['ROLE_AppAdmin'])
    44abstract class BaseAppAdminController {
    5     def whatsit() {
    6     }
    75
    86}

  • trunk/grails-app/controllers/BaseController.groovy

    r149 r289  
    33@Secured(['ROLE_AppUser', 'ROLE_AppAdmin'])
    44abstract class BaseController {
    5     def whatsit() {
    6     }
    75
    86}

  • trunk/grails-app/controllers/SectionDetailedController.groovy

    r288 r289  
    33@Secured(['ROLE_Manager','ROLE_AppAdmin'])
    44class SectionDetailedController extends BaseController {
    5    
    6     def index = { redirect(action:list,params:params) }
    75
    86    // the delete, save and update actions only accept POST requests
    97    static allowedMethods = [delete:'POST', save:'POST', update:'POST']
    108
     9    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
     10    def index = { redirect(action:list,params:params) }
     11
     12    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
    1113    def list = {
    1214        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
     
    1416    }
    1517
     18    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
    1619    def show = {
    1720        def sectionInstance = Section.get( params.id )
     
    2427    }
    2528
     29    @Secured(['ROLE_AppAdmin'])
    2630    def delete = {
    2731        def sectionInstance = Section.get( params.id )

  • trunk/grails-app/controllers/SiteDetailedController.groovy

    r288 r289  
    33@Secured(['ROLE_Manager','ROLE_AppAdmin'])
    44class SiteDetailedController extends BaseController {
    5    
    6     def index = { redirect(action:list,params:params) }
    75
    86    // the delete, save and update actions only accept POST requests
    97    static allowedMethods = [delete:'POST', save:'POST', update:'POST']
    108
     9    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
     10    def index = { redirect(action:list,params:params) }
     11
     12    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
    1113    def list = {
    1214        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
     
    1416    }
    1517
     18    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
    1619    def show = {
    1720        def siteInstance = Site.get( params.id )
     
    2427    }
    2528
     29    @Secured(['ROLE_AppAdmin'])
    2630    def delete = {
    2731        def siteInstance = Site.get( params.id )
Note: See TracChangeset for help on using the changeset viewer.