source: trunk/grails-app/controllers/AppCoreController.groovy @ 298

Last change on this file since 298 was 298, checked in by gav, 10 years ago

Set base authorisations on all controllers.

File size: 6.3 KB
Line 
1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2
3/**
4* Controller class for the application core views.
5*/
6class AppCoreController extends BaseController {
7
8    def authService
9    def appConfigService
10    def createDataService
11    def createBulkDataService
12
13    def index = { redirect(action:start,params:params) }
14
15    // the delete, save and update actions only accept POST requests
16    //def allowedMethods = [delete:'POST', save:'POST', update:'POST']
17
18    /**
19    * This is where we arrive after login.
20    *  Attach the welcome flash message and redirect to where ever we want the user to start.
21    * e.g. redirect(controller:"taskDetailed", action:"search")
22    */
23    def welcome = {
24        def personInstance = authService.currentUser
25        flash.message = "Welcome, ${personInstance.firstName} ${personInstance.lastName}."
26
27        def sess = getSession()
28        sess.setMaxInactiveInterval(personInstance.sessionTimeout)
29        redirect(action:start)
30    }
31
32    /**
33    * Render the start view.
34    */
35    def start = {
36    }
37
38    /**
39    * Allow a person to change their session timeout setting.
40    */
41    def changeSessionTimeout = {
42        if (request.method == 'GET') {
43            def personInstance = authService.currentUser
44            return [ personInstance : personInstance ]       
45        }
46        if (request.method == 'POST') {
47            def personInstance = authService.currentUser
48                personInstance.properties = params
49                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
50                    def sess = getSession()
51                    sess.setMaxInactiveInterval(personInstance.sessionTimeout)
52                    flash.message = "Session timeout changed."
53                    redirect(action:start)
54                }
55                else {
56                    render(view:'changeSessionTimeout',model:[personInstance:personInstance])
57                }
58        }
59    }
60
61    /**
62    * Allow a person to change their password.
63    */
64    def changePassword = {
65        //def principal = authenticateService.principal()
66        //println principal.getAuthorities()
67
68        if (request.method == 'GET') {
69            def personInstance = authService.currentUser
70            return [ personInstance : personInstance ]       
71        }
72
73        if (request.method == 'POST') {
74            def personInstance = authService.currentUser
75
76            if(params.confirmPass == params.pass) {
77                personInstance.pass = params.pass
78                personInstance.password = authenticateService.encodePassword(personInstance.pass)
79
80                if (!personInstance.hasErrors() && personInstance.save(flush: true)) {
81                    //userCache.removeUserFromCache(personInstance.loginName)
82                    flash.message = "Password changed successfully."
83                    redirect(action:start)
84                }
85                else {
86                    render(view:'changePassword',model:[personInstance:personInstance])
87                }
88            }
89            else {
90                personInstance.errors.reject('person.pass.doesNotMatch',            // Error code, see grails-app/i18n/message.properties
91                                                                ['pass', 'class Person'].toArray(),      // Groovy ListArray cast to Object[]
92                                                                 '[NothingUseMessageProperites]')  // Default mapping string.
93                render(view:'changePassword',model:[personInstance:personInstance])
94            }
95
96        }
97    }
98
99    /**
100    * Render the manager view for manager or admin roles.
101    */
102    @Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
103    def manager = {
104    }
105
106    /**
107    * Render the appAdmin view for admin roles.
108    */
109    @Secured(['ROLE_AppAdmin'])
110    def appAdmin = {
111
112        def offerBaseDataCreation = false
113        def offerDemoDataCreation = false
114        def baseDataCreated = appConfigService.exists("baseDataCreated")
115        def demoDataCreated = appConfigService.exists("demoDataCreated")
116        def demoDataCreationDisabled = appConfigService.exists("demoDataCreationDisabled")
117
118        if(!baseDataCreated)
119            offerBaseDataCreation = true
120
121        if(baseDataCreated && !demoDataCreated && !demoDataCreationDisabled)
122            offerDemoDataCreation = true
123
124        return[baseDataCreated: baseDataCreated,
125                        demoDataCreated: demoDataCreated,
126                        offerDemoDataCreation: offerDemoDataCreation,
127                        offerBaseDataCreation: offerBaseDataCreation,
128                        demoDataCreationDisabled: demoDataCreationDisabled]
129    }
130
131    /**
132    * Allow admin to disable demo data creation.
133    */
134    @Secured(['ROLE_AppAdmin'])
135    def disableDemoDataCreation = {
136        if(!appConfigService.set("demoDataCreationDisabled")) {
137            flash.message = "Demo data creation could not be disabled."
138            redirect(action: appAdmin)
139            return
140        }
141
142        // Success.
143        flash.message = "Demo data creation disabled."
144        redirect(action: appAdmin)
145    }
146
147    /**
148    * Allow admin to create base data.
149    */
150    @Secured(['ROLE_AppAdmin'])
151    def createBaseData = {
152        if(!createDataService.createBaseData()) {
153            flash.message = "Base data could not be created."
154            redirect(action: appAdmin)
155            return
156        }
157
158        // Success.
159        flash.message = "Base data created."
160        redirect(action: appAdmin)
161    }
162
163    /**
164    * Allow admin to create demo data.
165    */
166    @Secured(['ROLE_AppAdmin'])
167    def createDemoData = {
168        if(!createDataService.createDemoData()) {
169            flash.message = "Demo data could not be created."
170            redirect(action: appAdmin)
171            return
172        }
173
174        // Success.
175        flash.message = "Demo data created."
176        redirect(action: appAdmin)
177    }
178
179    /**
180    * Allow admin to create bulk test data.
181    */
182    @Secured(['ROLE_AppAdmin'])
183    def createBulkTestData = {
184        if(!createBulkDataService.create()) {
185            flash.message = "Bulk test data could not be created."
186            redirect(action: appAdmin)
187            return
188        }
189
190        // Success.
191        flash.message = "Bulk test data created."
192        redirect(action: appAdmin)
193    }
194
195} // end of class.
Note: See TracBrowser for help on using the repository browser.