The tags are basically:
<g:isNotLoggedIn>
...
</g:isNotLoggedIn>
<g:isLoggedIn>
...
</g:isLoggedIn>
<g:ifAnyGranted role="ROLE_ADMINISTRATOR,ROLE_VIEWER">
...
</g:ifAnyGranted>
To place a login link use:
<g:isNotLoggedIn>Here's a trick, if you're using views instead of tables to define your roles (for tables, use Bootstrap.groovy) you can fake results from a remote system like this:
<div style="margin-left:20px;">
<g:link controller="login" action="auth">Click Here to Login</g:link>
</div>
</g:isNotLoggedIn>
And follow a similar trick for the Person and PersonRole views.
create view role_vw as
select 1111 as ID,
'ROLE_ADMINISTRATOR' AS AUTHORITY,
0 as VERSION,
'Admin' as DESCRIPTION
from dual
union
select 2222 as ID,
'ROLE_VIEWER' AS AUTHORITY,
0 as VERSION,
'Viewer' as DESCRIPTION
from dual
I found an annoying quirk when attempting to use constants in the @Secured annotation.
@Secured(['ROLE_ADMINISTRATOR']) works fine but @Secured([RoleNames.ADMIN]) where RoleNames.ADMIN is a public static final constant in a class or interface doesn't work. This is tedious because I'll have to search and replace the role names if the product owner changes them. The GSPs also have the roles hardcoded, so not a big deal.
-Ben Hidalgo
No comments:
Post a Comment