root/trunk/grails-app/controllers/CostCodeDetailedController.groovy @ 628

Revision 628, 3.7 KB (checked in by gav, 4 years ago)

Full authorisation review.
Add manager role to BaseController.
Remove inventory manager role from CostCode controller as per ticket #77.
Remove inventory manager role from InventoryGroup controller CUD actions.
Add all manager roles to Address and Contact controllers.
Add production and task manager roles to ProductionReference controller.

Line 
1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2
3@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4class CostCodeDetailedController extends BaseController {
5   
6    def index = { redirect(action:list,params:params) }
7
8    // the delete, save and update actions only accept POST requests
9    static allowedMethods = [delete:'POST', save:'POST', update:'POST']
10
11    def list = {
12        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
13        [ costCodeInstanceList: CostCode.list( params ), costCodeInstanceTotal: CostCode.count() ]
14    }
15
16    def show = {
17
18        // In the case of an actionSubmit button, rewrite action name from 'index'.
19        if(params._action_Show)
20            params.action='show'
21
22        def costCodeInstance = CostCode.get( params.id )
23
24        if(!costCodeInstance) {
25            flash.message = "CostCode not found with id ${params.id}"
26            redirect(action:list)
27        }
28        else { return [ costCodeInstance : costCodeInstance ] }
29    }
30
31    def delete = {
32        def costCodeInstance = CostCode.get( params.id )
33        if(costCodeInstance) {
34            try {
35                costCodeInstance.delete(flush:true)
36                flash.message = "CostCode ${params.id} deleted"
37                redirect(action:list)
38            }
39            catch(org.springframework.dao.DataIntegrityViolationException e) {
40                flash.message = "CostCode ${params.id} could not be deleted"
41                redirect(action:show,id:params.id)
42            }
43        }
44        else {
45            flash.message = "CostCode not found with id ${params.id}"
46            redirect(action:list)
47        }
48    }
49
50    def edit = {
51
52        // In the case of an actionSubmit button, rewrite action name from 'index'.
53        if(params._action_Edit)
54            params.action='edit'
55
56        def costCodeInstance = CostCode.get( params.id )
57
58        if(!costCodeInstance) {
59            flash.message = "CostCode not found with id ${params.id}"
60            redirect(action:list)
61        }
62        else {
63            return [ costCodeInstance : costCodeInstance ]
64        }
65    }
66
67    def update = {
68        def costCodeInstance = CostCode.get( params.id )
69        if(costCodeInstance) {
70            if(params.version) {
71                def version = params.version.toLong()
72                if(costCodeInstance.version > version) {
73                   
74                    costCodeInstance.errors.rejectValue("version", "default.optimistic.locking.failure")
75                    render(view:'edit',model:[costCodeInstance:costCodeInstance])
76                    return
77                }
78            }
79            costCodeInstance.properties = params
80            if(!costCodeInstance.hasErrors() && costCodeInstance.save(flush: true)) {
81                flash.message = "CostCode ${params.id} updated"
82                redirect(action:show,id:costCodeInstance.id)
83            }
84            else {
85                render(view:'edit',model:[costCodeInstance:costCodeInstance])
86            }
87        }
88        else {
89            flash.message = "CostCode not found with id ${params.id}"
90            redirect(action:list)
91        }
92    }
93
94    def create = {
95        def costCodeInstance = new CostCode()
96        costCodeInstance.properties = params
97        return ['costCodeInstance':costCodeInstance]
98    }
99
100    def save = {
101        def costCodeInstance = new CostCode(params)
102        if(!costCodeInstance.hasErrors() && costCodeInstance.save(flush: true)) {
103            flash.message = "CostCode ${costCodeInstance.id} created"
104            redirect(action:show,id:costCodeInstance.id)
105        }
106        else {
107            render(view:'create',model:[costCodeInstance:costCodeInstance])
108        }
109    }
110}
Note: See TracBrowser for help on using the browser.