Context Navigation

← Previous Change
Next Change →

Changeset 628 for trunk

Timestamp:

Jul 14, 2010, 1:18:53 PM (14 years ago)

Author:

gav

Message:

Full authorisation review.
Add manager role to BaseController.
Remove inventory manager role from CostCode controller as per ticket #77.
Remove inventory manager role from InventoryGroup controller CUD actions.
Add all manager roles to Address and Contact controllers.
Add production and task manager roles to ProductionReference controller.

Location:

trunk/grails-app/controllers

Files:

: 11 edited

AddressDetailedController.groovy (modified) (3 diffs)
BaseController.groovy (modified) (1 diff)
ContactDetailedController.groovy (modified) (3 diffs)
CostCodeDetailedController.groovy (modified) (1 diff)
DepartmentDetailedController.groovy (modified) (1 diff)
DepartmentExtendedAttributeDetailedController.groovy (modified) (1 diff)
ExtendedAttributeTypeDetailedController.groovy (modified) (1 diff)
InventoryGroupDetailedController.groovy (modified) (1 diff)
PersonController.groovy (modified) (1 diff)
ProductionReferenceDetailedController.groovy (modified) (1 diff)
UnitOfMeasureDetailedController.groovy (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/grails-app/controllers/AddressDetailedController.groovy

-                      r403
+                      r628
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                    'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager'])
 class AddressDetailedController extends BaseController {
     def addressService
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def index = { redirect(action:list,params:params) }
 …
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
 …
+    }
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def show = {
         def addressInstance = Address.get( params.id )

trunk/grails-app/controllers/BaseController.groovy

r298	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_AppAdmin', 'ROLE_AppUser'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
4	4	abstract class BaseController {
5	5

trunk/grails-app/controllers/ContactDetailedController.groovy

-                      r402
+                      r628
 import org.codehaus.groovy.grails.plugins.springsecurity.Secured
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
+@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                    'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager'])
 class ContactDetailedController extends BaseController {
     def contactService
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def index = { redirect(action:list,params:params) }
 …
     static allowedMethods = [delete:'POST', save:'POST', update:'POST']
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def list = {
         params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
 …
+    }
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser'])
+    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
+                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
     def show = {
         def contactInstance = Contact.get( params.id )

trunk/grails-app/controllers/CostCodeDetailedController.groovy

r441	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_AppAdmin', 'ROLE_Manager'~~, 'ROLE_InventoryManager'~~])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4	4	class CostCodeDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/DepartmentDetailedController.groovy

r403	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_~~Manager','ROLE_AppAdmin~~'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4	4	class DepartmentDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/DepartmentExtendedAttributeDetailedController.groovy

r403	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_~~Manager','ROLE_AppAdmin~~'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4	4	class DepartmentExtendedAttributeDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/ExtendedAttributeTypeDetailedController.groovy

r403	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_~~Manager','ROLE_AppAdmin~~'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4	4	class ExtendedAttributeTypeDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/InventoryGroupDetailedController.groovy

r403	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_AppAdmin', 'ROLE_Manager'~~, 'ROLE_InventoryManager'~~])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4	4	class InventoryGroupDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/PersonController.groovy

r440	r628
2	2	import org.codehaus.groovy.grails.commons.ConfigurationHolder
3	3
4		@Secured(['ROLE_~~Manager','ROLE_AppAdmin~~'])
	4	@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
5	5	class PersonController extends BaseAppAdminController {
6	6

trunk/grails-app/controllers/ProductionReferenceDetailedController.groovy

r431	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_ProductionManager'])
4	4	class ProductionReferenceDetailedController extends BaseController {
5	5

trunk/grails-app/controllers/UnitOfMeasureDetailedController.groovy

r559	r628
1	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2	2
3		@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_~~Task~~Manager'])
	3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager'])
4	4	class UnitOfMeasureDetailedController extends BaseController {
5	5

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 628 for trunk

Legend:

Download in other formats: