aschmid
Reputation: 53
Grails Spring Security verify access for multiple url
I would like to verify if the user has access to more than one url, in a view, like this:
<sec:access url="/user,/client">
Just like the sec:ifAnyGranted tag for roles:
<sec:ifAnyGranted roles="ROLE_ADMIN,ROLE_SUPERVISOR">
In my verifications, the sec:access url just works with one url. Is there any way or alternative to this?
I'm using the spring-security-core:2.0-RC2 plugin for grails.
Upvotes: 1
Views: 427
Answers (1)
MKB
Reputation: 7619
I don't thing multiple URLs is supported. You can create your own tag to do this like
class CustomTagLib {
static namespace = "myTag"
def ifAnyGranted = { attrs, body ->
List<String> urls = attrs.remove('urls').split(',')
Boolean hasAccess = Boolean.FALSE
for (int i = 0; i < urls.size(); i++) {
hasAccess = sec.access(url: urls.get(i).trim()) { Boolean.TRUE }
if (hasAccess) {
out << body()
break
}
}
}
}
and use it in the view like:
<myTag:ifAnyGranted urls="/domain/index,/domain/show">
Something to display if has access to anyone of the URL
</myTag:ifAnyGranted>
Upvotes: 2
Related Questions
- How to disable spring security authentication in grails for a particular url, using grails 2.2.5
- Grails 3 Spring Security Pre Authentication
- How to configure grails/spring authentication scheme per url?
- Combination of security access constraints using Grails
- Grails spring security core allow authentication from url
- Grails Spring securiy authentication with three parameters
- Using grails spring security to secure URLs with http method
- Secured by url spring security
- Using Spring Security to Validate User Credentials
- grails login verification