Context Navigation

source: trunk/grails-app/controllers/EntryDetailedController.groovy @ 298

Last change on this file since 298 was 298, checked in by gav, 14 years ago
Set base authorisations on all controllers.
File size: 4.2 KB

Line
1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2
3	@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_TaskUser'])
4	class EntryDetailedController extends BaseController {
5
6	def authService
7	def taskService
8
9	def index = { redirect(action:list,params:params) }
10
11	// the delete, save and update actions only accept POST requests
12	static allowedMethods = [delete:'POST', save:'POST', update:'POST']
13
14	def list = {
15	if(!params.max) params.max = 10
16	[ entryInstanceList: Entry.list( params ) ]
17	}
18
19	def show = {
20	def entryInstance = Entry.get( params.id )
21
22	if(!entryInstance) {
23	flash.message = "Entry not found with id ${params.id}"
24	redirect(controller: 'taskDetailed', action: 'search')
25	}
26	else { return [ entryInstance : entryInstance ] }
27	}
28
29	def delete = {
30	def entryInstance = Entry.get( params.id )
31	if(entryInstance) {
32	if(entryInstance.enteredBy.loginName == authService.currentUser.loginName) {
33	def taskID = entryInstance.task.id
34	entryInstance.delete(flush:true)
35	flash.message = "Entry ${params.id} deleted"
36	redirect(controller: 'taskDetailed', action: 'show', id: taskID)
37	}
38	else {
39	flash.message = "You may only delete your own entries."
40	redirect(action:show,id:entryInstance.id)
41	}
42
43	}
44	else {
45	flash.message = "Entry not found with id ${params.id}"
46	redirect(controller: "taskDetailed", action:"search")
47	}
48	}
49
50	def edit = {
51	def entryInstance = Entry.get( params.id )
52	if(!entryInstance) {
53	flash.message = "Entry not found with id ${params.id}"
54	redirect(controller: "taskDetailed", action:"search")
55	}
56	else {
57
58	if(entryInstance.enteredBy.loginName == authService.currentUser.loginName) {
59	return [ entryInstance : entryInstance ]
60	}
61	else {
62	flash.message = "You may only edit your own entries."
63	redirect(action:show,id:entryInstance.id)
64	}
65
66	}
67	}
68
69	def update = {
70	def entryInstance = Entry.get( params.id )
71	if(entryInstance) {
72	// The update method only accepts post requests, so this is just in case.
73	if(entryInstance.enteredBy.loginName == authService.currentUser.loginName) {
74	entryInstance.properties = params
75	if(!entryInstance.hasErrors() && entryInstance.save(flush: true)) {
76	flash.message = "Entry ${params.id} updated"
77	redirect(action:show,id:entryInstance.id)
78	}
79	else {
80	render(view:'edit',model:[entryInstance:entryInstance])
81	}
82	}
83	else {
84	flash.message = "You may only edit your own entries."
85	redirect(action:show,id:entryInstance.id)
86	}
87	}
88	else {
89	flash.message = "Entry not found with id ${params.id}"
90	redirect(controller: "taskDetailed", action:"search")
91	}
92	}
93
94	def create = {
95	try {
96	def taskInstance = Task.get(params.taskInstance.id)
97	def entryInstance = new Entry()
98	entryInstance.task = taskInstance
99	entryInstance.entryType = EntryType.get(params.entryType.id)
100	return ['entryInstance':entryInstance]
101	}
102	catch(Exception e) {
103	flash.message = "Please select a task, then 'Add Entry'."
104	redirect(controller:"taskDetailed", action:"search")
105	}
106	}
107
108	def save = {
109	def result = taskService.createEntry(params)
110
111	if(!result.error) {
112	flash.message = "Entry created."
113	redirect(controller: "taskDetailed", action: "show", id: result.taskId)
114	}
115	else {
116	if(result.entryInstance) {
117	render(view:'create',model:[entryInstance: result.entryInstance])
118	}
119	else {
120	flash.message = "Could not create entry."
121	redirect(controller: "taskDetailed", action:"search")
122	}
123
124	}
125	}
126
127	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: