Checking if specific user has a role

Question

is there some pretty way to check if some specific user (not the one that is logged in) has some specific role?

Here is grails example (generally the same for plain Java but syntax):

def user = User.get(1) //Get user with id 1
if (ifAnyGranted(user,"ROLE_ADMIN")) { //This is the line I need to implement somehow
...
}

Thanks in advance.

Answer 1

I case you want to check the current logged in user, you don't need to query User domain, since you've already injected springSecurityService, so you could've just write:

def springSecurityService

def someAction(){
    if (principal.authorities.any { it.authority == 'ROLE_ADMIN'}){
        //...
    } else {
        //...
    }
}

Answer 2

if (grails.plugin.springsecurity.SpringSecurityUtils.ifAllGranted("ROLE_ADMIN"))
{
   ...
}

Answer 3

I assume, your User domain class holds a hasMany refernece to your Role class like this:

class User  {
    static hasMany = [authorities: Role]
    //....
}
class Role  {
    static belongsTo = User
    String description
    String authority
    //....
}

So your code for role-checking is simple:

User user = User.get(1)
if (user.authorities.any { it.authority == "ROLE_ADMIN" }) {
    // user is a admin
}

An updated answer can be found here.

Answer 4

If you're using the Spring Security Plugin and want to check the current logged in user:

import org.codehaus.groovy.grails.plugins.springsecurity.AuthorizeTools

. . .

if (AuthorizeTools.ifAllGranted("ROLE_ADMIN")){
               //user is an admin
}