Changeset 298 for trunk

Timestamp:

Jan 25, 2010, 2:14:48 PM (15 years ago)

Author:

gav

Message:

Set base authorisations on all controllers.

Location:

trunk/grails-app

Files:

• controllers/AppCoreController.groovy (modified) (1 diff)
• controllers/AssetDetailedController.groovy (modified) (14 diffs)
• controllers/AssetExtendedAttributeDetailedController.groovy (modified) (1 diff)
• controllers/AssetSubItemDetailedController.groovy (modified) (1 diff)
• controllers/AssetSubItemExtendedAttributeDetailedController.groovy (modified) (1 diff)
• controllers/AssignedGroupDetailedController.groovy (modified) (1 diff)
• controllers/AssignedPersonDetailedController.groovy (modified) (1 diff)
• controllers/BaseController.groovy (modified) (1 diff)
• controllers/EntryDetailedController.groovy (modified) (1 diff)
• controllers/InventoryItemDetailedController.groovy (modified) (6 diffs)
• controllers/InventoryLocationDetailedController.groovy (modified) (2 diffs)
• controllers/InventoryMovementDetailedController.groovy (modified) (3 diffs)
• controllers/MaintenanceActionDetailedController.groovy (modified) (2 diffs)
• controllers/MaintenancePolicyController.groovy (modified) (1 diff)
• controllers/PictureDetailedController.groovy (modified) (1 diff)
• controllers/SectionDetailedController.groovy (modified) (3 diffs)
• controllers/SectionExtendedAttributeDetailedController.groovy (modified) (1 diff)
• controllers/SiteDetailedController.groovy (modified) (3 diffs)
• controllers/SiteExtendedAttributeDetailedController.groovy (modified) (1 diff)
• controllers/TaskDetailedController.groovy (modified) (15 diffs)
• controllers/TaskProcedureDetailedController.groovy (modified) (3 diffs)
• controllers/TaskRecurringScheduleDetailedController.groovy (modified) (3 diffs)
• services/CreateDataService.groovy (modified) (1 diff)

trunk/grails-app/controllers/AppCoreController.groovy

@@ -100 +100 @@
     * Render the manager view for manager or admin roles.
     */
-    @Secured(['ROLE_Manager','ROLE_AppAdmin'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
     def manager = {
     }

trunk/grails-app/controllers/AssetDetailedController.groovy

@@ -2 +2 @@
 import org.codehaus.groovy.grails.commons.ConfigurationHolder
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class AssetDetailedController extends BaseController {
 
@@ -9 +10 @@
     def assetService
 
-    def index = { redirect(action:overview,params:params) }
-
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST', saveCopy:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
+    def index = { redirect(action:overview,params:params) }
+
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def overview = {
     }
 
-    @Secured(['ROLE_Manager','ROLE_AppAdmin'])
     def importAssetTree = {
     }
 
-    @Secured(['ROLE_Manager','ROLE_AppAdmin'])
     def importAssetTreeSave = {
         def result = csvService.importAssetTree(request)
@@ -38 +39 @@
     * This does not appear to be a problem once deployed to Tomcat.
     */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def exportAssetTreeTemplate = {
         response.contentType = ConfigurationHolder.config.grails.mime.types["csv"]
@@ -45 +47 @@
     }
 
+    /**
+    * Export the entire asset tree.
+    */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def exportAssetTree = {
 
@@ -55 +61 @@
     }
 
+    /**
+    * List action.
+    */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -60 +70 @@
     }
 
+    /**
+    * Search action.
+    */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def search = {
 
@@ -158 +172 @@
     } // end search()
 
+    /**
+    * Show action.
+    */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def show = {
 
@@ -173 +191 @@
     }
 
+    /**
+    * Delete action.
+    */
     def delete = {
         def assetInstance = Asset.get( params.id )
@@ -192 +213 @@
     }
 
+    /**
+    * Edit action.
+    */
     def edit = {
 
@@ -209 +233 @@
     }
 
+    /**
+    * Update action.
+    */
     def update = {
         def assetInstance = Asset.get( params.id )
@@ -240 +267 @@
     }
 
+    /**
+    * Create action.
+    */
     def create = {
         def result = assetService.create(params)
@@ -250 +280 @@
     }
 
+    /**
+    * Copy action.
+    */
     def copy = {
         def result = assetService.copy(params)
@@ -260 +293 @@
     }
 
+    /**
+    * Save action.
+    */
     def save = {
         def result = assetService.save(params)
@@ -272 +308 @@
     }
 
-
+    /**
+    * Copy save action.
+    */
     def saveCopy = {
         def result = assetService.saveCopy(params)

trunk/grails-app/controllers/AssetExtendedAttributeDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class AssetExtendedAttributeDetailedController extends BaseController {
-
-    def index = { redirect(controller: "assetDetailed", action: "search", params:params) }
 
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
+
+    def index = { redirect(controller: "assetDetailed", action: "search", params:params) }
 
     def show = {

trunk/grails-app/controllers/AssetSubItemDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class AssetSubItemDetailedController extends BaseController {
 
     def assetSubItemService
 
-    def index = { redirect(controller: "assetDetailed", params:params) }
-
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
+    def index = { redirect(controller: "assetDetailed", params:params) }
+
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def show = {
         def assetSubItemInstance = AssetSubItem.get( params.id )

trunk/grails-app/controllers/AssetSubItemExtendedAttributeDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class AssetSubItemExtendedAttributeDetailedController extends BaseController {
-
-    def index = { redirect(controller: "assetDetailed", action: "search", params:params) }
 
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
+
+    def index = { redirect(controller: "assetDetailed", action: "search", params:params) }
 
     def show = {

trunk/grails-app/controllers/AssignedGroupDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager'])
 class AssignedGroupDetailedController extends BaseController {
 

trunk/grails-app/controllers/AssignedPersonDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager'])
 class AssignedPersonDetailedController extends BaseController {
 

trunk/grails-app/controllers/BaseController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
-@Secured(['ROLE_AppUser', 'ROLE_AppAdmin'])
+@Secured(['ROLE_AppAdmin', 'ROLE_AppUser'])
 abstract class BaseController {
 

trunk/grails-app/controllers/EntryDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
 class EntryDetailedController extends BaseController {
 

trunk/grails-app/controllers/InventoryItemDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager'])
 class InventoryItemDetailedController extends BaseController {
 
@@ -7 +8 @@
     def inventoryMovementService
 
-    def index = { redirect(action:search, params:params) }
-
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST', useInventoryItem:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
+    def index = { redirect(action:search, params:params) }
+
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -17 +20 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def search = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -34 +38 @@
     * Simply assigns a passed in task id to a session variable and redirects to search.
     */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def findInventoryItemForMovement = {
         if(!params.task?.id) {
@@ -46 +51 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def show = {
 
@@ -164 +170 @@
     * Handles the use inventory item form submit in the show view.
     */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def useInventoryItem = {
 

trunk/grails-app/controllers/InventoryLocationDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager'])
 class InventoryLocationDetailedController extends BaseController {
-    
-    def index = { redirect(action:list,params:params) }
 
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
+    def index = { redirect(action:list,params:params) }
+
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -13 +16 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def show = {
         def inventoryLocationInstance = InventoryLocation.get( params.id )

trunk/grails-app/controllers/InventoryMovementDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager'])
 class InventoryMovementDetailedController extends BaseController {
 
     def inventoryMovementService
 
-    def index = { redirect(action:list,params:params) }
-
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST']
+
+    def index = { redirect(action:list,params:params) }
 
     def list = {
@@ -15 +16 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def show = {
         def inventoryMovementInstance = InventoryMovement.get( params.id )
@@ -29 +31 @@
     * @param params.inventoryItem.id The id of an existing inventory item.
     */
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
     def listInventoryMovements = {
         def inventoryItemInstance = InventoryItem.get(params.inventoryItem.id)

trunk/grails-app/controllers/MaintenanceActionDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class MaintenanceActionDetailedController extends BaseController {
-    
-    def index = { redirect(action:list,params:params) }
 
     // the delete, save and update actions only accept POST requests
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
+    def index = { redirect(action:list,params:params) }
+
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -13 +16 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def show = {
         def maintenanceActionInstance = MaintenanceAction.get( params.id )

trunk/grails-app/controllers/MaintenancePolicyController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_Manager','ROLE_AppAdmin'])
 class MaintenancePolicyController extends BaseAppAdminController {
     

trunk/grails-app/controllers/PictureDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
 class PictureDetailedController extends BaseController {
 

trunk/grails-app/controllers/SectionDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
-@Secured(['ROLE_Manager','ROLE_AppAdmin'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class SectionDetailedController extends BaseController {
 
@@ -7 +7 @@
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def index = { redirect(action:list,params:params) }
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -16 +16 @@
     }
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def show = {
         def sectionInstance = Section.get( params.id )

trunk/grails-app/controllers/SectionExtendedAttributeDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
-@Secured(['ROLE_Manager','ROLE_AppAdmin'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class SectionExtendedAttributeDetailedController extends BaseController {
     

trunk/grails-app/controllers/SiteDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
-@Secured(['ROLE_Manager','ROLE_AppAdmin'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class SiteDetailedController extends BaseController {
 
@@ -7 +7 @@
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def index = { redirect(action:list,params:params) }
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -16 +16 @@
     }
 
-    @Secured(['ROLE_AppAdmin','ROLE_Manager','ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager', 'ROLE_AssetUser'])
     def show = {
         def siteInstance = Site.get( params.id )

trunk/grails-app/controllers/SiteExtendedAttributeDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
-@Secured(['ROLE_Manager','ROLE_AppAdmin'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AssetManager'])
 class SiteExtendedAttributeDetailedController extends BaseController {
     

trunk/grails-app/controllers/TaskDetailedController.groovy

@@ -3 +3 @@
 import com.zeddware.grails.plugins.filterpane.FilterUtils
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager'])
 class TaskDetailedController extends BaseController {
 
@@ -15 +16 @@
     static allowedMethods = [save:'POST', update:'POST', restore:'POST', trash:'POST', approve:'POST', renegeApproval:'POST', complete:'POST', reopen:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def index = { redirect(action: 'search', params: params) }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100 )
@@ -22 +25 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def setTaskSearchParamsMax = {
         def max = 1000
@@ -34 +38 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def search = {
 
@@ -119 +124 @@
     } // end search()
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def searchCalendar = {
         params.max = 30
@@ -164 +170 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def budget = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100 )
@@ -210 +217 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def show = {
 
@@ -400 +408 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def complete = {
 
@@ -425 +434 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def reopen = {
 
@@ -450 +460 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def edit = {
 
@@ -474 +485 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def update = {
 
@@ -493 +505 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def create = {
         def taskInstance = new Task()
@@ -506 +519 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def save = {
         def result = taskService.create(params)
@@ -525 +539 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def listSubTasks = {
         def parentTaskInstance = Task.get(params.id)
@@ -543 +558 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def createSubTask = {
         def parentTaskInstance = Task.get(params.id)

trunk/grails-app/controllers/TaskProcedureDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager'])
 class TaskProcedureDetailedController extends BaseController {
 
@@ -10 +11 @@
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -23 +25 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def search = {
         redirect(action:list)
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def show = {
 

trunk/grails-app/controllers/TaskRecurringScheduleDetailedController.groovy

@@ -1 +1 @@
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
 
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager'])
 class TaskRecurringScheduleDetailedController extends BaseController {
 
     def taskRecurringScheduleService
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def index = { redirect(action:list,params:params) }
 
@@ -10 +12 @@
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
@@ -15 +18 @@
     }
 
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
     def show = {
         def taskRecurringScheduleInstance = TaskRecurringSchedule.get( params.id )

trunk/grails-app/services/CreateDataService.groovy

@@ -180 +180 @@
         // Authority #7
         authInstance = new Authority(description:"Inventory User",
-                                        authority:"ROLE_InvetoryUser")
+                                        authority:"ROLE_InventoryUser")
         saveAndTest(authInstance)