Changeset 628


Ignore:
Timestamp:
07/14/10 13:18:53 (8 years ago)
Author:
gav
Message:

Full authorisation review.
Add manager role to BaseController.
Remove inventory manager role from CostCode controller as per ticket #77.
Remove inventory manager role from InventoryGroup controller CUD actions.
Add all manager roles to Address and Contact controllers.
Add production and task manager roles to ProductionReference controller.

Location:
trunk/grails-app/controllers
Files:
11 edited

Legend:

Unmodified
Added
Removed
  • trunk/grails-app/controllers/AddressDetailedController.groovy

    r403 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     4                    'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager']) 
    45class AddressDetailedController extends BaseController { 
    56 
    67    def addressService 
    78 
    8     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     9    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     10                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    911    def index = { redirect(action:list,params:params) } 
    1012 
     
    1214    static allowedMethods = [delete:'POST', save:'POST', update:'POST'] 
    1315 
    14     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     16    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     17                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    1518    def list = { 
    1619        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100) 
     
    1821    } 
    1922 
    20     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     23    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     24                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    2125    def show = { 
    2226        def addressInstance = Address.get( params.id ) 
  • trunk/grails-app/controllers/BaseController.groovy

    r298 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_AppUser']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
    44abstract class BaseController { 
    55 
  • trunk/grails-app/controllers/ContactDetailedController.groovy

    r402 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     4                    'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager']) 
    45class ContactDetailedController extends BaseController { 
    56 
    67    def contactService 
    78 
    8     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     9    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     10                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    911    def index = { redirect(action:list,params:params) } 
    1012 
     
    1214    static allowedMethods = [delete:'POST', save:'POST', update:'POST'] 
    1315 
    14     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     16    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     17                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    1518    def list = { 
    1619        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100) 
     
    1821    } 
    1922 
    20     @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_AppUser']) 
     23    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 
     24                        'ROLE_InventoryManager', 'ROLE_AssetManager', 'ROLE_ProductionManager', 'ROLE_AppUser']) 
    2125    def show = { 
    2226        def contactInstance = Contact.get( params.id ) 
  • trunk/grails-app/controllers/CostCodeDetailedController.groovy

    r441 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    44class CostCodeDetailedController extends BaseController { 
    55     
  • trunk/grails-app/controllers/DepartmentDetailedController.groovy

    r403 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_Manager','ROLE_AppAdmin']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    44class DepartmentDetailedController extends BaseController { 
    55     
  • trunk/grails-app/controllers/DepartmentExtendedAttributeDetailedController.groovy

    r403 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_Manager','ROLE_AppAdmin']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    44class DepartmentExtendedAttributeDetailedController extends BaseController { 
    55 
  • trunk/grails-app/controllers/ExtendedAttributeTypeDetailedController.groovy

    r403 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_Manager','ROLE_AppAdmin']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    44class ExtendedAttributeTypeDetailedController extends BaseController { 
    55     
  • trunk/grails-app/controllers/InventoryGroupDetailedController.groovy

    r403 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    44class InventoryGroupDetailedController extends BaseController { 
    55 
  • trunk/grails-app/controllers/PersonController.groovy

    r440 r628  
    22import org.codehaus.groovy.grails.commons.ConfigurationHolder 
    33 
    4 @Secured(['ROLE_Manager','ROLE_AppAdmin']) 
     4@Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
    55class PersonController extends BaseAppAdminController { 
    66 
  • trunk/grails-app/controllers/ProductionReferenceDetailedController.groovy

    r431 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager', 'ROLE_ProductionManager']) 
    44class ProductionReferenceDetailedController extends BaseController { 
    55 
  • trunk/grails-app/controllers/UnitOfMeasureDetailedController.groovy

    r559 r628  
    11import org.codehaus.groovy.grails.plugins.springsecurity.Secured 
    22 
    3 @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_TaskManager']) 
     3@Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager']) 
    44class UnitOfMeasureDetailedController extends BaseController { 
    55     
Note: See TracChangeset for help on using the changeset viewer.