Grails Framework: Difference between revisions

From Objectif Client Inc



Latest revision as of 17:31, 29 January 2015

Framework Setup

Security Setup

  • Add the security add-ons to the BuildConfig configuration file to enable the Security core and UI add-ons
compile ':spring-security-core:2.0-RC4'
compile ":spring-security-ui:1.0-RC2"
compile ":spring-security-acl:2.0-RC2"
  • Compile the application to finalise the installation and download the necessary libraries. From the grails command line execute "compile"
  • Execute the script s2-quickstart to generate the domain classes and update the configuration. From the grails command line execute the following command:
s2-quickstart com.objclt.application.security User Authority --groupClassName=Role
  • Execute the script s2-create-acl-domains to copy the ACL domain classes into your application
s2-create-acl-domains
  • Preload the security data by adding the following to the BootStrap config file under "def init = { servletContext ->"
   if (!User.count()) {
      new User(username:'admin', password:'admin',enabled:true).save(failOnError:true)
   }

   if (!Role.count()) {
      new Role(name:'ROLE_ADMIN').save(failOnError:true)
      new Role(name:'ROLE_USER_MGT').save(failOnError:true)
   }

   if (!Authority.count()) {
      new Authority(authority:'ROLE_ADMIN').save(failOnError:true)
      new Authority(authority:'ROLE_USER_DSP').save(failOnError:true)
      new Authority(authority:'ROLE_USER_CRT').save(failOnError:true)
      new Authority(authority:'ROLE_USER_UPD').save(failOnError:true)
      new Authority(authority:'ROLE_USER_DEL').save(failOnError:true)
   }

   if (!RoleAuthority.count()) {
      new RoleAuthority(authority:1,role:1).save(failOnError:true)
      new RoleAuthority(authority:2,role:2).save(failOnError:true)
      new RoleAuthority(authority:3,role:2).save(failOnError:true)
      new RoleAuthority(authority:4,role:2).save(failOnError:true)
      new RoleAuthority(authority:5,role:2).save(failOnError:true)
   }

   if (!UserRole.count()) {
      new UserRole(user:1,role:1).save(failOnError:true)
   }

   if (!UserAuthority.count()) {
      new UserAuthority(user:1,authority:2).save(failOnError:true)
   }
  • Run the application with "run-app" from the grails command line
  • Log into the application with user admin, password admin
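
The same seed data with two changes a deployed instance would want: outside development the admin password is read from an environment variable instead of being the literal 'admin', and the join rows reference the saved instances rather than the ids 1..5. This is an added example, not the page's own BootStrap; the variable name ADMIN_INITIAL_PASSWORD is hypothetical, and the domain classes are assumed to be the ones generated by the s2-quickstart command above.

```groovy
// grails-app/conf/BootStrap.groovy (added example, not the page's own code)
import grails.util.Environment
import com.objclt.application.security.*   // package passed to s2-quickstart above

class BootStrap {

    def init = { servletContext ->
        if (User.count()) return            // seed an empty database only

        // ADMIN_INITIAL_PASSWORD is a hypothetical variable name (assumption).
        String pw = System.getenv('ADMIN_INITIAL_PASSWORD')
        if (!pw) {
            if (Environment.current != Environment.DEVELOPMENT) {
                throw new IllegalStateException(
                    'ADMIN_INITIAL_PASSWORD must be set outside development')
            }
            pw = 'admin'                    // the page's default, local development only
        }

        User.withTransaction {
            def admin = new User(username: 'admin', password: pw, enabled: true)
                    .save(failOnError: true)

            def adminRole = new Role(name: 'ROLE_ADMIN').save(failOnError: true)
            def userMgt   = new Role(name: 'ROLE_USER_MGT').save(failOnError: true)

            def adminAuth = new Authority(authority: 'ROLE_ADMIN').save(failOnError: true)
            def userAuths = ['DSP', 'CRT', 'UPD', 'DEL'].collect {
                new Authority(authority: "ROLE_USER_${it}").save(failOnError: true)
            }

            // Link saved instances; no assumption that generated ids start at 1.
            new RoleAuthority(role: adminRole, authority: adminAuth).save(failOnError: true)
            userAuths.each {
                new RoleAuthority(role: userMgt, authority: it).save(failOnError: true)
            }
            new UserRole(user: admin, role: adminRole).save(failOnError: true)
            new UserAuthority(user: admin, authority: userAuths[0]).save(failOnError: true)
        }
    }

    def destroy = { }
}
```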

Security Configuration

  • Review config configuration file to add access to your own
  • To customize the login script, run the following scripts to duplicate it into your application
s2ui-override auth
s2ui-override layout
  • You now have the file auth.gsp under the login views folder
  • Copy the RegisterController
s2ui-override register com.objclt.yourapp.security
s2ui-override registrationcode com.objclt.yourapp.security
s2ui-override role com.objclt.yourapp.security
s2ui-override user com.objclt.yourapp.security
s2ui-override securityinfo com.objclt.yourapp.security

ACLs

ACL Types
AclClass

The AclClass domain class contains entries for the names of each application domain class that has associated permissions:

AclSid

SID: Security Identity. The AclSid domain class contains entries for the names of grant recipients (a username: principal = true, or a role: principal = false).

AclObjectIdentity

Contains entries representing individual domain class instances (OIDs). It has a field for the instance id (objectId) and domain class (aclClass) that uniquely identify the instance. In addition there are optional nullable fields for the parent OID (parent) and owner (owner). There's also a flag (entriesInheriting) to indicate whether ACL entries can inherit from a parent ACL. AclObjectIdentity actually extends a base class, AbstractAclObjectIdentity:

AclEntry

Contains entries representing grants (or denials) of a permission on an object instance to a recipient
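
How the four tables combine into an access decision, as an added example that is not the plugin's code: a stand-alone Groovy script that models the tables in memory and resolves a permission in the order Spring Security's default ACL strategy uses (SIDs in the order supplied, entries by aceOrder, parent consulted only when entriesInheriting is set). It is simplified to one permission per check and treats "no entry found" as a denial; the Folder and Report class names and all rows are constructed sample data.

```groovy
// Added example: in-memory model of the four ACL tables (constructed data).
import groovy.transform.Canonical

@Canonical class AclClass { String className }
@Canonical class AclSid { String sid; boolean principal }
@Canonical class AclObjectIdentity {
    AclClass aclClass; long objectId
    AclObjectIdentity parent; AclSid owner; boolean entriesInheriting
}
@Canonical class AclEntry {
    AclObjectIdentity aclObjectIdentity; int aceOrder
    AclSid sid; int mask; boolean granting
}

final int READ = 1, WRITE = 2   // bit values of Spring Security's BasePermission

def isGranted
isGranted = { List<AclEntry> entries, AclObjectIdentity oid, List<AclSid> sids, int mask ->
    def aces = entries.findAll { it.aclObjectIdentity.is(oid) }.sort { it.aceOrder }
    for (sid in sids) {
        // Masks are compared for equality, not bitwise; first match per SID decides.
        def ace = aces.find { it.mask == mask && it.sid == sid }
        if (ace) return ace.granting
    }
    // Nothing matched on this object: consult the parent only if inheritance is on.
    (oid.entriesInheriting && oid.parent) ? isGranted(entries, oid.parent, sids, mask) : false
}

def folderClass = new AclClass('com.objclt.yourapp.Folder')   // hypothetical domain classes
def reportClass = new AclClass('com.objclt.yourapp.Report')
def admin   = new AclSid('admin', true)            // username: principal = true
def userMgt = new AclSid('ROLE_USER_MGT', false)   // role: principal = false

def folder = new AclObjectIdentity(folderClass, 1L, null, admin, false)
def report = new AclObjectIdentity(reportClass, 7L, folder, admin, true)
def entries = [
    new AclEntry(folder, 0, userMgt, READ, true),    // grant READ on the parent
    new AclEntry(report, 0, userMgt, WRITE, false),  // explicit denial on the child
    new AclEntry(report, 1, admin, WRITE, true),
]

assert isGranted(entries, report, [userMgt], READ)           // inherited from folder
assert !isGranted(entries, report, [userMgt], WRITE)         // denied on report
assert isGranted(entries, report, [admin, userMgt], WRITE)   // admin SID checked first
report.entriesInheriting = false
assert !isGranted(entries, report, [userMgt], READ)          // inheritance switched off
```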

Plugin

Grails has an elegant way to display errors at the field level. The markup goes away by using the Fields plugin (http://grails.org/plugin/fields).

Using Grails

Console

Run BootStrap (always import domain)

import com.grailsinaction.Post
import grails.util.Environment

Environment.executeForCurrentEnvironment(new BootStrap().init)
println "There are ${Post.count()} posts in the database"

Command

  • Create controller in scaffolding mode: create-scaffold-controller com.mydomain.object
  • Generate controller code: generate-controller
  • Install templates: install-templates

Message Parameter

  • {0} —The name of the domain class property.
  • {1} —The name of the domain class.
  • {2} —The invalid value.
  • {3} —The limiting value in the constraint, such as a maximum value or a matching pattern. Applies to match, max, min, maxSize, minSize, inList, and equals constraints.
  • {4} —The upper bound for a constraint ({3} is the lower bound). Applies to range and size constraints.

List

def posts = Post.where {
   user.loginId == "phil"
}.list(max: 5, offset: 5, sort: "dateCreated", order: "desc")

Relation

OneToMany

1 User -> x Posts

"addTo" sample -> addToPosts

class User {
   String loginId
   String password

   static hasMany = [posts:Post]
}

class Post {
   String content
   static belongsTo = [ user: User ]
}

class PostController {
   def addPost() {
      def user = User.findByLoginId(params.id)
      if (user) {
         // Binds every request parameter onto the new Post
         def post = new Post(params)
         // addToPosts sets post.user and adds the post to user.posts
         user.addToPosts(post)

         // Saving the user cascades to the new post
         if (user.save(flush:true)) {
            flash.message = "Successfully created Post"
         } else {
            flash.message = "Invalid or empty post"
         }
      } else {
         flash.message = "Invalid User Id"
      }
   }
}

Self-Reference

1 User -> x Users

class User {
   String loginId
   String password
   static hasMany = [following: User]
}

class UserController {
   def addFollowers() {
      // joe and jane are sample users looked up by login id
      def joe = User.findByLoginId("joe")
      def jane = User.findByLoginId("jane")
      joe.addToFollowing(jane)
   }
}