NO LONGER MAINTAINED

DUE TO TIME CONSTRAINTS OF THE ORIGINAL OSS DEVELOPER THE NIMBLE PLUGIN IS NO LONGER BEING MAINTAINED.

Enforcing access control on controllers and actions using grails filters

One of the easiest methods for adding security to your host application is to configure Grails filters that control access to controllers and actions.

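Configuring filters is a simple process. In your host application you simply need to invoke the accessControl closure when a controller and action pair is matched. Only requests that match a filter are checked, so each new controller or action that needs protection must be covered by a filter pattern.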

The following example shows the usage of the accessControl closure in filters.

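/**
 * Example filters class for a host application that uses the Nimble plugin.
 *
 * Each named filter matches a controller (and optionally an action) pattern and
 * calls accessControl in its "before" interceptor. accessControl comes from
 * NimbleFilterBase, which is not shown here; per the comments in this example,
 * a closure that returns true only requires an authenticated user, while
 * role(...) and permission(...) add an authorization check.
 *
 * NOTE(review): a request whose controller/action pair matches none of the
 * patterns below reaches no accessControl call in this class. Confirm that
 * every controller and action that needs protection is covered.
 */
public class NimbleSecurityFilters extends grails.plugins.nimble.security.NimbleFilterBase {

    def filters = {

        // Content requiring users to be authenticated
        secure(controller: "main") {
            before = {
                accessControl {
                    true
                }
            }
        }

        // Profile pages require authentication, except the 'miniprofile' action,
        // which is deliberately left without an access check. Because this is an
        // exclusion, actions added to the controller later are protected by default.
        profilesecure(controller: "profile") {
            before = {
                if(!actionName.equals('miniprofile')) {
                    accessControl {
                        true
                    }
                }
            }
        }

        // Account management requiring authentication.
        // Only the three listed actions are matched; any other action on the
        // "account" controller is not covered by this filter.
        accountsecure(controller: "account", action: "(changepassword|updatepassword|changedpassword)") {
            before = {
                accessControl {
                    true
                }
            }
        }

        // This should be extended as the application adds more administrative functionality
        administration(controller: "(admins|user|group|role)") {
            before = {
                accessControl {
                    role(AdminsService.ADMIN_ROLE)
                }
            }
        }

        // Creating, modifying, or deleting a book requires the "Administrator" role.
        // (Restored as code: on the page this filter had been collapsed into the
        // comment line and was therefore never registered.)
        bookEditing(controller: "book", action: "(create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }

        // Showing a book requires the "Administrator" role *or* the "book:show" permission.
        // (Restored as code for the same reason as bookEditing above.)
        bookShow(controller: "book", action: "show") {
            before = {
                accessControl {
                    role("Administrator") || permission("book:show")
                }
            }
        }

    }
}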