CODEWITHSUNDEEP
grailsspring-securityacl
Jeff Allen
Jeff Allen

Reputation: 17517

How to Create ACLs in Spring-Security-Acl

I'm just getting started with Grails and am hitting a wall trying to configure the spring-security-acl plugin. I've been following the official plugin tutorial but am unable to get past the Bootstrapping phase when trying to run my app (using a Position domain class rather than a Report class. Most of my problems have surrounded the ACL portion of the app.

The issue I'm unable to get past is in the grantPermissions() function of Bootstrap.groovy. Per the tutorial's instructions, by functions starts off like this:

private void grantPermissions() {
    def positions = []
    100.times {
        long id = it + 1
        def position = new Position(title: "position$id").save()
        positions << position
        aclService.createAcl(
                objectIdentityRetrievalStrategy.getObjectIdentity(position))
    }

IntelliJ is warning me on the aclService.createAcl line that it "Cannot infer argument types. This inspection reports assignments with incompatible types." Indeed if I try to run the app anyways, it crashes on that line with the error:

| Error 2013-03-09 09:35:24,207 [localhost-startStop-1] ERROR context.GrailsContextLoader  - Error initializing the application: Cannot get property 'id' on null object
Message: Cannot get property 'id' on null object
    Line | Method
->>   68 | doCall                           in BootStrap$_grantPermissions_closure4
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|     63 | grantPermissions                 in BootStrap
|     29 | doCall . . . . . . . . . . . . . in BootStrap$_closure1
...

Any help would be greatly appreciated!

Appendix

In case it matters, my Position domain object looks like this:

class Position {

    String title
    Boolean draft

    static constraints = {
    }
}

I don't think this issue would be related, but it was an ACL-related deviation from the tutorial, so for posterity's sake... The first issue I had which (I think) I've solved was in PositionService.groovy, I was getting errors in IntelliJ on the code chunk:

def acl = aclUtilService.readAcl(position)

// Remove all permissions associated with this particular
// recipient (string equality to KISS)
acl.entries.eachWithIndex { entry, i ->
    if (entry.sid.equals(position) &&
            entry.permission.equals(permission)) {
        acl.deleteAce i
    }
}

It looked like the issue was not being able to find the function deleteAce on the generic acl object; I was able to solve this by specifying the type MutableAcl as in

MutableAcl acl = aclUtilService.readAcl(position)

Upvotes: 0

Views: 987

Answers (1)

Burt Beckwith
Burt Beckwith

Reputation: 75671

All properties have an implicit nullable:false constraint, but you're only setting the title property. draft isn't set, so validation is failing and all of your Positions are null.

This should work:

def position = new Position(title: "position$id", draft: false).save()

Upvotes: 2

Related Questions