Grails Framework

From Objectif Client Inc

Framework Setup

Security Setup

  • Add the security add-ons to the BuildConfig configuration file to enable the Security core and UI add-ons
compile ':spring-security-core:2.0-RC4'
compile ":spring-security-ui:1.0-RC2"
compile ":spring-security-acl:2.0-RC2"
  • Compile the application to finalise the installation and download the necessary libraries. From the grails command line execute "compile"
  • Execute the script s2-quickstart to generate domains and update the configuration. From grails command line execute the following command:
s2-quickstart com.objclt.application.security User Authority --groupClassName=Role
  • Execute the script s2-create-acl-domains to copy the domain classes into your application
s2-create-acl-domains
  • Preload the security data by adding the following into the BootStrap config file under "def init = { servletContext ->"
   // Seed account for the first login; change this default password outside development
   if (!User.count()) {
      new User(username:'admin', password:'admin', enabled:true).save(failOnError:true)
   }

   // Role is the group class created by --groupClassName=Role
   if (!Role.count()) {
      new Role(name:'ROLE_ADMIN').save(failOnError:true)
      new Role(name:'ROLE_USER_MGT').save(failOnError:true)
   }

   if (!Authority.count()) {
      new Authority(authority:'ROLE_ADMIN').save(failOnError:true)
      new Authority(authority:'ROLE_USER_DSP').save(failOnError:true)
      new Authority(authority:'ROLE_USER_CRT').save(failOnError:true)
      new Authority(authority:'ROLE_USER_UPD').save(failOnError:true)
      new Authority(authority:'ROLE_USER_DEL').save(failOnError:true)
   }

   // Attach authorities to roles, by id in creation order
   if (!RoleAuthority.count()) {
      new RoleAuthority(authority:1,role:1).save(failOnError:true)
      new RoleAuthority(authority:2,role:2).save(failOnError:true)
      new RoleAuthority(authority:3,role:2).save(failOnError:true)
      new RoleAuthority(authority:4,role:2).save(failOnError:true)
      new RoleAuthority(authority:5,role:2).save(failOnError:true)
   }

   if (!UserRole.count()) {
      new UserRole(user:1,role:1).save(failOnError:true)
   }

   if (!UserAuthority.count()) {
      new UserAuthority(user:1,authority:2).save(failOnError:true)
   }
  • Run the application with "run-app" from the grails command line
  • Log into the application with user admin, password admin

Security Configuration

  • Review the Config configuration file to add access rules for your own application
  • To customize the login script, run the following scripts to duplicate it into your application
s2ui-override auth
s2ui-override layout
  • You now have the file auth.gsp under the login views folder
  • Copy the RegisterController
s2ui-override register com.objclt.yourapp.security
s2ui-override registrationcode com.objclt.yourapp.security
s2ui-override role com.objclt.yourapp.security
s2ui-override user com.objclt.yourapp.security
s2ui-override securityinfo com.objclt.yourapp.security
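
An added example (not part of the original page and not generated by the plugin) of the access rules to review in Config.groovy, using the authorities seeded in BootStrap above. The URL patterns follow the spring-security-ui controller names; the user action names and the mapping of each authority to an action are assumptions to check against your overridden controllers.

```groovy
// grails-app/conf/Config.groovy, spring-security-core 2.0 key names

// Deny any URL without a rule, so a newly added controller stays closed
// until it is listed below or annotated with @Secured.
grails.plugin.springsecurity.rejectIfNoRule = true

grails.plugin.springsecurity.controllerAnnotations.staticRules = [
    // Public pages and static resources
    '/':               ['permitAll'],
    '/index':          ['permitAll'],
    '/index.gsp':      ['permitAll'],
    '/**/js/**':       ['permitAll'],
    '/**/css/**':      ['permitAll'],
    '/**/images/**':   ['permitAll'],
    '/**/favicon.ico': ['permitAll'],
    '/register/**':    ['permitAll'],   // remove if self-registration is not offered

    // User management: one authority per operation (assumed mapping).
    // A list means that any one of the authorities is enough.
    '/user/search':         ['ROLE_ADMIN', 'ROLE_USER_DSP'],
    '/user/userSearch':     ['ROLE_ADMIN', 'ROLE_USER_DSP'],
    '/user/ajaxUserSearch': ['ROLE_ADMIN', 'ROLE_USER_DSP'],
    '/user/create':         ['ROLE_ADMIN', 'ROLE_USER_CRT'],
    '/user/save':           ['ROLE_ADMIN', 'ROLE_USER_CRT'],
    '/user/edit/**':        ['ROLE_ADMIN', 'ROLE_USER_UPD'],
    '/user/update':         ['ROLE_ADMIN', 'ROLE_USER_UPD'],
    '/user/delete':         ['ROLE_ADMIN', 'ROLE_USER_DEL'],
    '/user/**':             ['ROLE_ADMIN'],

    // Everything else in the security UI is administrator-only
    '/role/**':              ['ROLE_ADMIN'],
    '/registrationCode/**':  ['ROLE_ADMIN'],
    '/securityInfo/**':      ['ROLE_ADMIN'],
    '/persistentLogin/**':   ['ROLE_ADMIN'],
    '/aclClass/**':          ['ROLE_ADMIN'],
    '/aclSid/**':            ['ROLE_ADMIN'],
    '/aclObjectIdentity/**': ['ROLE_ADMIN'],
    '/aclEntry/**':          ['ROLE_ADMIN']
]
```

ROLE_ADMIN is listed on every rule because no role hierarchy is configured on this page, so it does not imply the ROLE_USER_* authorities by itself.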

ACLs

ACL Types
AclClass

The AclClass domain class contains entries for the names of each application domain class that has associated permissions:

AclSid

SID: Security Identity. The AclSid domain class contains entries for the names of grant recipients (usernames: principal = true, or roles: principal = false).

AclObjectIdentity

Contains entries representing individual domain class instances (OIDs). It has a field for the instance id (objectId) and domain class (aclClass) that uniquely identify the instance. In addition there are optional nullable fields for the parent OID (parent) and owner (owner). There's also a flag (entriesInheriting) to indicate whether ACL entries can inherit from a parent ACL. AclObjectIdentity actually extends a base class, AbstractAclObjectIdentity:

AclEntry

Contains entries representing grants (or denials) of a permission on an object instance to a recipient.
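
How the four domain classes fit together when a permission is granted, as an added example that is not from the original page. The Post class, its package com.objclt.yourapp and the service name are hypothetical; aclUtilService, BasePermission and the hasPermission expression come from the spring-security-acl plugin, and the domain class package is assumed to be the plugin 2.0 default.

```groovy
package com.objclt.yourapp   // hypothetical package for the Post domain class

import grails.plugin.springsecurity.acl.AclEntry
import grails.plugin.springsecurity.acl.AclObjectIdentity
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.security.acls.domain.BasePermission

class PostAclService {       // hypothetical service name

    def aclUtilService       // provided by the spring-security-acl plugin

    // Grant READ on a single Post to one user. Rows involved:
    //   AclClass          className = 'com.objclt.yourapp.Post'
    //   AclSid            sid = username, principal = true
    //   AclObjectIdentity objectId = post.id, aclClass = the row above,
    //                     owner = SID of the user who is logged in
    //   AclEntry          sid = the AclSid above, mask = 1 (READ), granting = true
    void grantRead(Post post, String username) {
        aclUtilService.addPermission(post, username, BasePermission.READ)
    }

    // Checked before the body runs: the caller needs a granting READ entry
    // on this instance, as a user SID or through one of their role SIDs.
    @PreAuthorize("hasPermission(#id, 'com.objclt.yourapp.Post', read)")
    Post get(long id) {
        Post.get(id)
    }

    // Review helper: list who holds what on one instance, in evaluation order.
    List<String> describeGrants(Post post) {
        def oid = AclObjectIdentity.withCriteria(uniqueResult: true) {
            eq 'objectId', post.id
            aclClass { eq 'className', Post.name }
        }
        if (!oid) {
            return []        // no ACL exists for this instance yet
        }
        AclEntry.findAllByAclObjectIdentity(oid, [sort: 'aceOrder']).collect { e ->
            def kind = e.sid.principal ? 'user' : 'role'
            "${e.sid.sid} (${kind}) mask=${e.mask} granting=${e.granting}".toString()
        }
    }
}
```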

Plugin

Grails has an elegant way to display errors at the field level: the markup goes away by using the Fields plugin (http://grails.org/plugin/fields).

Using Grails

Console

Run BootStrap (always import domain)

import com.grailsinaction.Post
import grails.util.Environment

Environment.executeForCurrentEnvironment(new BootStrap().init)
println "There are ${Post.count()} posts in the database"

Command

  • Create a controller in scaffolding mode: create-scaffold-controller com.mydomain.object
  • Generate controller code: generate-controller
  • Install templates: install-templates

Message Parameter

  • {0} —The name of the domain class property.
  • {1} —The name of the domain class.
  • {2} —The invalid value.
  • {3} —The limiting value in the constraint, such as a maximum value or a matching pattern. Applies to match, max, min, maxSize, minSize, inList, and equals constraints.
  • {4} —The upper bound for a constraint ({3} is the lower bound). Applies to range and size constraints.

List

def posts = Post.where { user.loginId == "phil" }.list(max: 5, offset: 5, sort: "dateCreated", order: "desc")

Relation

OneToMany

1 User -> x Posts

"addTo" sample -> addToPosts

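class User {

   String loginId
   String password

   // One user owns many posts; this adds the addToPosts() method
   static hasMany = [posts:Post]
}

class Post {

   String content
   // Back-reference to the owner; a post is deleted together with its user
   static belongsTo = [ user: User ]
}

class PostController {
   def addPost() {
      def user = User.findByLoginId(params.id)
      if (user) {
         // Binds the request parameters onto the new Post
         def post = new Post(params)
         // Adds the post to user.posts and sets post.user
         user.addToPosts(post)

         if (user.save(flush:true)) {
            flash.message = "Successfully created Post"
         } else {
            flash.message = "Invalid or empty post"
         }
      } else {
         flash.message = "Invalid User Id"
      }
   }
}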

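Self-Reference

1 User -> x Users

class User {

   String loginId
   String password
   // A user follows many other users; this adds the addToFollowing() method
   static hasMany = [following: User]
}

class UserController {

   def addFollowers() {
      // Sample users looked up by login id
      def joe = User.findByLoginId("joe")
      def jane = User.findByLoginId("jane")
      joe.addToFollowing(jane)
   }
}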