source: trunk/grails-app/controllers/AddressDetailedController.groovy @ 967

Revision 628, 4.1 KB checked in by gav, 8 years ago (diff)

Full authorisation review.
Add manager role to BaseController.
Remove inventory manager role from CostCode controller as per ticket #77.
Remove inventory manager role from InventoryGroup controller CUD actions.
Add all manager roles to Address and Contact controllers.
Add production and task manager roles to ProductionReference controller.

Line 
1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2
3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
4                    'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager'])
5class AddressDetailedController extends BaseController {
6
7    def addressService
8
9    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
10                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
11    def index = { redirect(action:list,params:params) }
12
13    // the delete, save and update actions only accept POST requests
14    static allowedMethods = [delete:'POST', save:'POST', update:'POST']
15
16    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
17                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
18    def list = {
19        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
20        [ addressInstanceList: Address.list( params ), addressInstanceTotal: Address.count() ]
21    }
22
23    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager',
24                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser'])
25    def show = {
26        def addressInstance = Address.get( params.id )
27
28        if(!addressInstance) {
29            flash.message = "Address not found with id ${params.id}"
30            redirect(action:list)
31        }
32        else { return [ addressInstance : addressInstance ] }
33    }
34
35    def delete = {
36        def addressInstance = Address.get( params.id )
37        if(addressInstance) {
38            try {
39                addressInstance.delete(flush:true)
40                flash.message = "Address ${params.id} deleted"
41                redirect(action:list)
42            }
43            catch(org.springframework.dao.DataIntegrityViolationException e) {
44                flash.message = "Address ${params.id} could not be deleted"
45                redirect(action:show,id:params.id)
46            }
47        }
48        else {
49            flash.message = "Address not found with id ${params.id}"
50            redirect(action:list)
51        }
52    }
53
54    def edit = {
55        def addressInstance = Address.get( params.id )
56
57        if(!addressInstance) {
58            flash.message = "Address not found with id ${params.id}"
59            redirect(action:list)
60        }
61        else {
62            return [ addressInstance : addressInstance ]
63        }
64    }
65
66    def update = {
67        def addressInstance = Address.get( params.id )
68        if(addressInstance) {
69            if(params.version) {
70                def version = params.version.toLong()
71                if(addressInstance.version > version) {
72
73                    addressInstance.errors.rejectValue("version", "default.optimistic.locking.failure")
74                    render(view:'edit',model:[addressInstance:addressInstance])
75                    return
76                }
77            }
78            addressInstance.properties = params
79            if(!addressInstance.hasErrors() && addressInstance.save(flush: true)) {
80                flash.message = "Address ${params.id} updated"
81                redirect(action:show,id:addressInstance.id)
82            }
83            else {
84                render(view:'edit',model:[addressInstance:addressInstance])
85            }
86        }
87        else {
88            flash.message = "Address not found with id ${params.id}"
89            redirect(action:list)
90        }
91    }
92
93    def create = {
94        def result = addressService.create(params)
95
96        if(!result.error)
97            return [addressInstance: result.addressInstance]
98
99        flash.errorMessage = g.message(code: result.error.code, args: result.error.args)
100        redirect(action: list)
101    }
102
103    def save = {
104        def result = addressService.save(params)
105
106        if(!result.error) {
107            flash.message = g.message(code: "default.create.success", args: ["Address", result.addressInstance.id])
108            redirect(action:show, id: result.addressInstance.id)
109            return
110        }
111
112        render(view:'create', model:[addressInstance: result.addressInstance])
113    }
114
115}
Note: See TracBrowser for help on using the repository browser.