Context Navigation

source: trunk/grails-app/controllers/PersonController.groovy @ 403

Last change on this file since 403 was 403, checked in by gav, 14 years ago
Change all controllers to use default.optimistic.locking.failure.
File size: 7.4 KB

Rev	Line
[62]	1	import org.codehaus.groovy.grails.plugins.springsecurity.Secured
[58]	2
[149]	3	@Secured(['ROLE_Manager','ROLE_AppAdmin'])
[97]	4	class PersonController extends BaseAppAdminController {
[58]	5
[147]	6	def authenticateService
	7	def filterService
[58]	8
[150]	9	// the delete, save and update actions only accept POST requests
	10	static Map allowedMethods = [delete: 'POST', save: 'POST', update: 'POST']
[58]	11
[150]	12	def index = {
	13	redirect action: list, params: params
	14	}
[58]	15
[147]	16	def list = {
	17	params.max = Math.min( params.max ? params.max.toInteger() : 10, 100 )
[58]	18
[250]	19	if(!params.filter) {
	20	return [personList: Person.list(params),
	21	personTotal: Person.count(),
	22	filterParams: params]
	23	}
[147]	24
	25	// filterPane:
	26	return[ personList: filterService.filter( params, Person ),
	27	personTotal: filterService.count( params, Person ),
	28	filterParams: com.zeddware.grails.plugins.filterpane.FilterUtils.extractFilterParams(params),
	29	params:params ]
	30	}
	31
[150]	32	def show = {
[147]	33
	34	// In the case of an actionSubmit button, rewrite action name from 'index'.
	35	if(params._action_Show)
[375]	36	params.action='show'
[147]	37
[150]	38	def person = Person.get(params.id)
	39	if (!person) {
	40	flash.message = "Person not found with id $params.id"
	41	redirect action: list
	42	return
	43	}
[295]	44	def authorityList = person.authorities.sort { p1, p2 -> p1.id <=> p2.id }
	45	[person: person, authorityList: authorityList]
[150]	46	}
[58]	47
[150]	48	/**
	49	* Person delete action. Before removing an existing person,
	50	* they should be removed from those authorities which they are involved.
	51	*/
	52	def delete = {
[58]	53
[150]	54	def person = Person.get(params.id)
	55	if (person) {
	56	def authPrincipal = authenticateService.principal()
	57	// Avoid self-delete.
	58	if (!(authPrincipal instanceof String) && authPrincipal.username == person.loginName) {
	59	flash.message = "You cannot delete yourself, please login as another manager and try again."
[147]	60	redirect(action:show,id:params.id)
[150]	61	}
	62	else {
	63	//first, delete this person from Persons_Authorities table.
	64	Authority.findAll().each { it.removeFromPersons(person) }
[147]	65	person.isActive = false
	66	person.save(flush: true)
	67
[97]	68	try {
[147]	69	person.delete(flush: true)
[91]	70	flash.message = "Person $params.id deleted."
[97]	71	redirect(action:list)
	72	}
	73	catch(org.springframework.dao.DataIntegrityViolationException e) {
	74	flash.message = "Could not delete '$person.loginName' due to database constraints, but all authorities have been removed."
	75	redirect(action:show,id:params.id)
	76	}
[150]	77	}
	78	}
	79	else {
	80	flash.message = "Person not found with id $params.id"
	81	}
	82	}
[58]	83
[150]	84	def edit = {
[58]	85
[147]	86	// In the case of an actionSubmit button, rewrite action name from 'index'.
	87	if(params._action_Edit)
[375]	88	params.action='edit'
[147]	89
[150]	90	def person = Person.get(params.id)
	91	if (!person) {
	92	flash.message = "Person not found with id $params.id"
	93	redirect action: list
	94	return
	95	}
	96	params.message = "To allow login at least the 'ROLE_AppUser' authority must be given."
	97	return buildPersonModel(person)
	98	}
[58]	99
[150]	100	/**
[294]	101	* Person update action.
	102	*/
[150]	103	def update = {
[294]	104	Person.withTransaction { status ->
[58]	105
[294]	106	def person = Person.get(params.id)
	107	if (!person) {
	108	flash.message = "Person not found with id $params.id"
	109	redirect action: edit, id: params.id
	110	return
	111	}
[58]	112
[294]	113	long version = params.version.toLong()
	114	if (person.version > version) {
[403]	115	person.errors.rejectValue 'version', "default.optimistic.locking.failure"
[294]	116	render view: 'edit', model: buildPersonModel(person)
	117	return
	118	}
[58]	119
[294]	120	person.properties = params
	121	person.setPersonGroupsFromCheckBoxList(params.personGroups)
[73]	122
[294]	123	if(params.pass == "") {
	124	person.pass = "InsertNothingToClearValidation"
[73]	125	}
[294]	126	else {
	127	if (person.validate()) {
	128	person.password = authenticateService.encodePassword(params.pass)
	129	}
	130	}
[73]	131
[294]	132	if (!person.hasErrors() && person.save(flush: true)) {
[295]	133	addRemoveAuthorities(person)
[294]	134	flash.message = "Person '$params.id - $params.loginName' updated."
	135	redirect action: show, id: person.id
	136	}
	137	else {
	138	render view: 'edit', model: buildPersonModel(person)
	139	}
[73]	140
[294]	141	} //end withTransaction
	142	} // update()
[58]	143
[150]	144	def create = {
	145	params.message = "To allow login at least the 'ROLE_AppUser' authority must be given."
[294]	146	[person: new Person(params), authorityList: getLimitedAuthorityList()]
[150]	147	}
[58]	148
[150]	149	/**
[294]	150	* Person save action.
	151	*/
[150]	152	def save = {
[294]	153	Person.withTransaction { status ->
[58]	154
[294]	155	def person = new Person()
	156	person.properties = params
	157	person.password = authenticateService.encodePassword(params.pass)
	158	person.setPersonGroupsFromCheckBoxList(params.personGroups)
	159	if (person.save(flush: true)) {
[295]	160	addRemoveAuthorities(person)
[294]	161	redirect action: show, id: person.id
	162	}
	163	else {
	164	render view: 'create', model: [person: person, authorityList: getLimitedAuthorityList()]
	165	}
	166
	167	} //end withTransaction
[150]	168	}
[58]	169
[295]	170	/**
	171	* Add or remove authorities from person as indicated in params.
	172	*/
	173	private void addRemoveAuthorities(person) {
	174	def authMap = [:]
	175
	176	// Build authMap from params.
[294]	177	for (key in params.keySet()) {
[295]	178	if(key.startsWith("ROLE")) {
	179	authMap.(key.toString()) = "add"
	180	}
	181	else if(key.startsWith("_ROLE")) {
	182	if( !authMap.(key.substring(1)) ) authMap.(key.substring(1)) = "remove"
	183	}
[150]	184	}
[295]	185
	186	// Add or remove authorities.
	187	for(a in authMap) {
	188	if(a.value == "add")
	189	Authority.findByAuthority(a.key.toString()).addToPersons(person)
	190	else
	191	Authority.findByAuthority(a.key.toString()).removeFromPersons(person)
	192	}
[150]	193	}
[58]	194
[150]	195	private Map buildPersonModel(person) {
[58]	196
[294]	197	List roles = getLimitedAuthorityList()
[150]	198	Set userRoleNames = []
	199	for (role in person.authorities) {
	200	userRoleNames << role.authority
	201	}
	202	LinkedHashMap<Authority, Boolean> roleMap = [:]
	203	for (role in roles) {
	204	roleMap[(role)] = userRoleNames.contains(role.authority)
	205	}
[58]	206
[150]	207	return [person: person, roleMap: roleMap]
	208	}
[294]	209
	210	/**
	211	* Get the full authorityList if current user is an App Admin else leave that authority off the list.
	212	*/
[295]	213	private List getLimitedAuthorityList() {
[294]	214	def authorityList = []
	215	if(authenticateService.ifAnyGranted('ROLE_AppAdmin'))
[295]	216	authorityList = Authority.list().sort { p1, p2 -> p1.id <=> p2.id }
[294]	217	else
[295]	218	authorityList = Authority.withCriteria { gt("id", 1L) }.sort { p1, p2 -> p1.id <=> p2.id }
[294]	219
	220	return authorityList
	221	}
[295]	222	} // end class

Note: See TracBrowser for help on using the repository browser.

Download in other formats: