- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
package simplecms
import auth.*
class AuthFilters {
private checkPermission(def controller, def p, def session, def params) {
if (p) {
boolean result = session.user?.profile?.permissions?.contains(p)
if (p.delegate) {
result |= controller.checkDelegation[p.name](session, params)
} else if (p.controllerChecked) {
result &= controller.checkPermission[p.name](session, params)
}
if (!result && p.parent) {
result = checkPermission(controller, p.parent, session, params)
}
return result
}
return true
}
def filters = {
main(controller:'*', action:'*') {
before = {
def mappings = PermissionMapping.findAllByControllerAndMethodInList(controllerName, [actionName, '*'])
boolean denied = mappings?.size() > 0
if (denied) {
def permissions = []
session.user?.attach()
mappings.each { mapping ->
if (mapping.permission?.guest) {
denied = false
} else if (permission.parent == null){
permissions << mapping.permission
}
}
if (denied) {
denied = !permissions.any { checkPermission(grailsApplication.mainContext.getBean(controllerName), it, session, params) }
}
}
return !denied
}
}
}
}
Нашёл у себя в проекте. Иерархия разрешений? ну так будем проверять только корневые, что заморачиваться?!
Комментарии (0) RSS
Добавить комментарий