dependencies {
+dependencies {
...
- compile 'org.grails.plugins:spring-security-acl:4.0.0.BUILD-SNAPSHOT'
+ compile 'org.grails.plugins:spring-security-acl:5.0.0-SNAPSHOT'
...
dependencies {
+dependencies {
...
- compile 'org.grails.plugins:spring-security-acl:4.0.0.BUILD-SNAPSHOT'
+ compile 'org.grails.plugins:spring-security-acl:5.0.0-SNAPSHOT'
...
dependencies {
+dependencies {
...
compile 'org.grails.plugins:spring-security-acl:3.1.1'
...
@@ -567,7 +587,7 @@ 2.2. Snapshots
maven { url "https://oss.jfrog.org/artifactory/oss-snapshot-local" }maven { url "https://oss.jfrog.org/artifactory/oss-snapshot-local" }import org.springframework.security.access.prepost.PostFilter
+import org.springframework.security.access.prepost.PostFilter
import org.springframework.security.access.prepost.PreAuthorize
import grails.gorm.transactions.Transactional
@@ -695,7 +715,7 @@ 3.2.1. Suggested application changes
import org.springframework.security.access.AccessDeniedException
+import org.springframework.security.access.AccessDeniedException
import org.springframework.security.acls.model.NotFoundException
class UrlMappings {
@@ -719,7 +739,7 @@ 3.2.1. Suggested application changes
package com.yourcompany.yourapp
+package com.yourcompany.yourapp
import grails.plugin.springsecurity.annotation.Secured
@@ -739,7 +759,7 @@ 3.2.1. Suggested application changes
<html>
+<html>
<head>
<title>Access denied!</title>
<meta name='layout' content='main' />
@@ -778,7 +798,7 @@ 3.2.2. actionSubmit
<div class="buttons">
+<div class="buttons">
<g:form action='edit'>
<g:hiddenField name="id" value="${reportInstance?.id}" />
<span class="button">
@@ -800,7 +820,7 @@ 3.2.2. actionSubmit
<g:form action='update'><g:form action='update'><div class="buttons">
+<div class="buttons">
<span class="button">
<g:submitButton class="save" name="Update" />
</span>
@@ -820,7 +840,7 @@ 3.2.2. actionSubmit
<g:form action='delete'>
+<g:form action='delete'>
<g:hiddenField name="id" value="${reportInstance?.id}" />
<div class="buttons">
<span class="button">
@@ -851,7 +871,7 @@ 3.3.1. AclClass
package grails.plugin.springsecurity.acl
+package grails.plugin.springsecurity.acl
class AclClass {
@@ -881,7 +901,7 @@ 3.3.2. AclSid
package grails.plugin.springsecurity.acl
+package grails.plugin.springsecurity.acl
class AclSid {
@@ -912,7 +932,7 @@ 3.3.3. AclObjectIdentity
package grails.plugin.springsecurity.acl
+package grails.plugin.springsecurity.acl
class AclObjectIdentity extends AbstractAclObjectIdentity {
@@ -943,7 +963,7 @@ 3.3.3. AclObjectIdentity
abstract class AbstractAclObjectIdentity {
+abstract class AbstractAclObjectIdentity {
AclClass aclClass
AclObjectIdentity parent
@@ -971,7 +991,7 @@ 3.3.4. AclEntry
package grails.plugin.springsecurity.acl
+package grails.plugin.springsecurity.acl
class AclEntry {
@@ -1008,7 +1028,7 @@ 3.4. Configuration
Creating, editing, or deleting permissions requires an authenticated user. In most cases if the authenticated user is the owner of the ACL then access is allowed, but granted roles also affect whether access is allowed. The default required role is ROLE_ADMIN for all actions, but this can be configured in grails-app/conf/application.groovy. This table summarizes the attribute names and the corresponding actions that are allowed for it:
-
+
3.4. Configuration
-grails.plugin.springsecurity.acl.authority.
+grails.plugin.springsecurity.acl.authority.
modifyAuditingDetails = 'ROLE_ACL_MODIFY_AUDITING'
grails.plugin.springsecurity.acl.authority.
@@ -1054,7 +1074,7 @@ 3.4.1. Run-As Authentication Replacem
There are also two options to configure Run-As Authentication Replacement:
-
+
3.4.1. Run-As Authentication Replacem
-grails.plugin.springsecurity.useRunAs = true
+grails.plugin.springsecurity.useRunAs = true
grails.plugin.springsecurity.runAs.key = 'your run-as key'
@@ -1097,7 +1117,7 @@ 3.5. Run-As Authentication Replacement
-class SecureService {
+class SecureService {
@Secured(['ROLE_ADMIN', 'RUN_AS_SUPERUSER'])
def someMethod() {
@@ -1117,7 +1137,7 @@ 3.6. Custom Permissions
-package com.mycompany.myapp;
+package com.mycompany.myapp;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.acls.model.Permission;
@@ -1144,7 +1164,7 @@ 3.6. Custom Permissions
-import com.mycompany.myapp.MyPermissions
+import com.mycompany.myapp.MyPermissions
...
grails.plugin.springsecurity.acl. permissionClass = MyPermissions
@@ -1154,7 +1174,7 @@ 3.6. Custom Permissions
-grails.plugin.springsecurity.acl.permissionClass = 'com.mycompany.myapp.MyPermissions'
+grails.plugin.springsecurity.acl.permissionClass = 'com.mycompany.myapp.MyPermissions'
@@ -1162,7 +1182,7 @@ 3.6. Custom Permissions
-import org.springframework.security.acls.domain.DefaultPermissionFactory
+import org.springframework.security.acls.domain.DefaultPermissionFactory
import com.mycompany.myapp.MyPermission
beans = {
@@ -1175,7 +1195,7 @@ 3.6. Custom Permissions
-@PreAuthorize("hasPermission(#id, 'com.testacl.Report', 'approve')")
+@PreAuthorize("hasPermission(#id, 'com.testacl.Report', 'approve')")
Report get(long id) {
Report.get id
}
@@ -1201,9 +1221,9 @@ 4. Tutorial
-dependencies {
+dependencies {
...
- compile 'org.grails.plugins:spring-security-acl:unspecified'
+ compile 'org.grails.plugins:spring-security-acl:{project-version}'
...
}
@@ -1246,7 +1266,7 @@ 4. Tutorial
-package com.testacl
+package com.testacl
class Report {
String name
@@ -1266,7 +1286,7 @@ 4. Tutorial
-package com.testacl
+package com.testacl
import static org.springframework.security.acls.domain.BasePermission.ADMINISTRATION
@@ -1405,7 +1425,7 @@ 4. Tutorial
-package com.testacl
+package com.testacl
import static org.springframework.security.acls.domain.BasePermission.ADMINISTRATION
import static org.springframework.security.acls.domain.BasePermission.READ
@@ -1498,7 +1518,7 @@ 4. Tutorial
-class BootStrap {
+class BootStrap {
def sampleDataService
@@ -1521,7 +1541,7 @@ 4. Tutorial
-package com.testacl
+package com.testacl
import org.springframework.dao.DataIntegrityViolationException
@@ -1638,7 +1658,7 @@ 4. Tutorial
-import org.springframework.security.access.AccessDeniedException
+import org.springframework.security.access.AccessDeniedException
import org.springframework.security.acls.model.NotFoundException
class UrlMappings {
@@ -1671,7 +1691,7 @@ 4. Tutorial
-package com.testacl
+package com.testacl
import grails.plugin.springsecurity.annotation.Secured
@@ -1695,7 +1715,7 @@ 4. Tutorial
-<html>
+<html>
<head>
<title>Access denied!</title>
<meta name='layout' content='main' />
@@ -1733,7 +1753,7 @@ 4.1. actionSubmit issues
-<div class="buttons">
+<div class="buttons">
<g:form action='edit'>
<g:hiddenField name="id" value="${reportInstance?.id}" />
<span class="button">
@@ -1755,7 +1775,7 @@ 4.1. actionSubmit issues
-<g:form action='update'>
+<g:form action='update'>
@@ -1763,7 +1783,7 @@ 4.1. actionSubmit issues
-<div class="buttons">
+<div class="buttons">
<span class="button"><g:submitButton class="save" name="Update" /></span>
</div>
@@ -1773,7 +1793,7 @@ 4.1. actionSubmit issues
-<g:form action='delete'>
+<g:form action='delete'>
<g:hiddenField name="id" value="${reportInstance?.id}" />
<div class="buttons">
<span class="button">
@@ -1792,7 +1812,7 @@ 4.1. actionSubmit issues
-<sec:ifLoggedIn>
+<sec:ifLoggedIn>
<g:form controller='logout'>
Logged in as <sec:username/> - <g:submitButton name='logout' value='Logout'/>
@@ -1889,7 +1909,7 @@ 6.1. addPermission
Examples
-aclUtilService.addPermission Report, 1124, 'user123', BasePermission.WRITE
+aclUtilService.addPermission Report, 1124, 'user123', BasePermission.WRITE
aclUtilService.addPermission reportInstance, 'user123', BasePermission.WRITE
@@ -1900,7 +1920,7 @@ 6.1. addPermission
-void addPermission(Class<?> domainClass, long id, recipient, Permission permission)
+void addPermission(Class<?> domainClass, long id, recipient, Permission permission)
void addPermission(domainObject, recipient, Permission permission)
@@ -1937,13 +1957,13 @@ 6.2. changeOwner
Examples
-aclUtilService.changeOwner reportInstance, 'user123'
+aclUtilService.changeOwner reportInstance, 'user123'
Description
-void changeOwner(domainObject, String newUsername)
+void changeOwner(domainObject, String newUsername)
@@ -1967,13 +1987,13 @@ 6.3. deleteAcl
Examples
-aclUtilService.deleteAcl reportInstance
+aclUtilService.deleteAcl reportInstance
Description
-void deleteAcl(domainObject)
+void deleteAcl(domainObject)
@@ -1994,7 +2014,7 @@ 6.4. deletePermission
Examples
-aclUtilService.deletePermission Report, 42, 'user123', BasePermission.WRITE
+aclUtilService.deletePermission Report, 42, 'user123', BasePermission.WRITE
aclUtilService.deletePermission reportInstance, 'user123', BasePermission.WRITE
@@ -2002,7 +2022,7 @@ 6.4. deletePermission
Description
-void deletePermission(domainObject, recipient, Permission permission)
+void deletePermission(domainObject, recipient, Permission permission)
void deletePermission(Class<?> domainClass, long id, recipient, Permission permission)
@@ -2037,7 +2057,7 @@ 6.5. hasPermission
Examples
-if (aclUtilService.hasPermission(auth, reportInstance, BasePermission.WRITE)) {
+if (aclUtilService.hasPermission(auth, reportInstance, BasePermission.WRITE)) {
...
}
@@ -2045,7 +2065,7 @@ 6.5. hasPermission
Description
-boolean hasPermission(Authentication authentication, domainObject, Permission... permissions)
+boolean hasPermission(Authentication authentication, domainObject, Permission... permissions)
boolean hasPermission(Authentication authentication, domainObject, List<Permission> permissions)
@@ -2074,7 +2094,7 @@ 6.6. readAcl
Examples
-def acl = aclUtilService.readAcl(reportInstance)
+def acl = aclUtilService.readAcl(reportInstance)
def acl = aclUtilService.readAcl(Report, 42)
@@ -2082,7 +2102,7 @@ 6.6. readAcl
Description
-Acl readAcl(domainObject)
+Acl readAcl(domainObject)
Acl readAcl(Class<?> domainClass, id)
@@ -2141,7 +2161,7 @@ 8.1. permitted
-<sec:permitted className='com.foo.Report' id='${reportId}' permission='read'>
+<sec:permitted className='com.foo.Report' id='${reportId}' permission='read'>
the body content
@@ -2153,7 +2173,7 @@ 8.1. permitted
-<sec:permitted className='com.foo.Report' id='${reportId}' permission='write,read'>
+<sec:permitted className='com.foo.Report' id='${reportId}' permission='write,read'>
the body content
@@ -2165,7 +2185,7 @@ 8.1. permitted
-<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
+<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
<sec:permitted className='com.foo.Report' id='${reportId}' permission='${BasePermission.READ}'>
@@ -2179,7 +2199,7 @@ 8.1. permitted
-<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
+<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
<sec:permitted className='com.foo.Report' id='${reportId}' permission='${[BasePermission.WRITE,BasePermission.READ]}'>
@@ -2193,7 +2213,7 @@ 8.1. permitted
-<sec:permitted className='com.foo.Report' id='${reportId}' permission='${1}'>
+<sec:permitted className='com.foo.Report' id='${reportId}' permission='${1}'>
the body content
@@ -2205,7 +2225,7 @@ 8.1. permitted
-<sec:permitted className='com.foo.Report' id='${reportId}' permission='2,1'>
+<sec:permitted className='com.foo.Report' id='${reportId}' permission='2,1'>
the body content
@@ -2229,7 +2249,7 @@ 8.2. notPermitted
-<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='read'>
+<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='read'>
the body content
@@ -2241,7 +2261,7 @@ 8.2. notPermitted
-<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='read,write'>
+<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='read,write'>
the body content
@@ -2253,7 +2273,7 @@ 8.2. notPermitted
-<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
+<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='${BasePermission.READ}'>
@@ -2267,7 +2287,7 @@ 8.2. notPermitted
-<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
+<%@ page import="org.springframework.security.acls.domain.BasePermission" %>
<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='${[BasePermission.WRITE,BasePermission.READ]}'>
@@ -2281,7 +2301,7 @@ 8.2. notPermitted
-<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='${1}'>
+<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='${1}'>
the body content
@@ -2293,7 +2313,7 @@ 8.2. notPermitted
-<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='2,1'>
+<sec:notPermitted className='com.foo.Report' id='${reportId}' permission='2,1'>
the body content
@@ -2497,12 +2517,10 @@ 9.2. Previous work
-
-
-
+
\ No newline at end of file