I am trying to secure a controller:
#Secured(['ROLE_ADMIN'])
class FooBarController {
}
I have the controller mapped in UrlMappings:
"/foo/bar"
It seems that when I try and access the controller as /foo/bar the annotations are effectively ignored.
I saw something that said I need to use the controllerAnnotations.staticRules. My first question is:
Do I need to duplicate all my rules in the static rules or is it enough to say it's secured and the filters will pick up the specific rules from the annotations?
I have another scenario where I secure a contoller with UrlMappings, the default URL path is changed but not the controller name e.g.
#Secured(['ROLE_ADMIN'])
MyApiController {
}
UrlMapping is: /api/company/1/myApi
In this case the annotation is picked up without any necessary configuration in the staticRules so I'm pretty confused by what needs to be configured where and under what circumstances.
It looks like the problem here is that the UrlMapping doesn't match the default controller mapping convention. i.e. the Config.groovy mapping is referring to the UrlMapping instead of referring to the actual controller name.
See this answer: https://stackoverflow.com/a/16737980/57357 for a fuller explanation.
IMO this is non-intuitive, but that's the way it currently works. Note that it does not work this way if you use the InterceptUrlMap style of configuration. If you use the InterceptorUrlMap style, you do refer to the UrlMappings.groovy's URL mappings.
Related
i have a PropertyController, which I use to serve a bunch of pages. For example..
/Property
/Property/{id}
/Property/add
/property/edit/{id}
I now need to do a bunch of stuff based on a particular property I will need to do serve pages like this:
/Property/{id}/images/add
/Property/{id}/images/edit/{id}
/Property/{id}/rooms/add
/Property/{id}/rooms/edit/{id}
I think I need to build a new ImagesController and RoomsController, but do I need to but these in a folder structure? My RouteConfig is currently set to the default MapRoute rule ({controller}/{action}/{id}
You don't need to reflect your routing structure in your folders structure.
Check this one out:
ASP.Net MVC support for Nested Resources?.
Effectively your routing string is a regExpression to match whatever comes in from a requester. And if there's a match it's trying to bind all the variables in your expression to values from the HTTP request.
In regard to creating new controllers - a rule of thumb is to create a controller per resource / business entity. So in your case I would say yes to ImagesController, RoomsController and PropertyController.
Grails 3.0.1 here. I'm looking to accomplish a specific URL/controller structure. My app deploys at the root context (/), meaning locally it runs as http://localhost:8080, and non-locally as http://someserver.example.org.
I want everything under /app/* to be authenticated and considered to be part of the "core app" (requires login). Anything outside of that URL is considered to be a part of the public website (unauthenticated). However, I want /app/ itself to just be a placeholder of sorts; I do not want it to be a Grails controller. Hence:
http://localhost:8080/app may be configured (UrlMappings?) to bring up a login page
http://localhost:8080/app/<controller>/<action> follows typical Grails controller/action suit, and would invoke the correct controller action
Hence http://localhost:8080/app/order/create would be authenticated and, if logged in, invoke the OrderController#create action, which might render a createOrder.gsp.
I'm wondering what the Grails 3.x approach is to:
Allowing /app/ to exist, but not as a controller (like I said, perhaps just redirecting/mapping to a login page)
Allowing anything underneath /app/ to follow the controller/action paradigm
Thoughts on how to implement this?
Update
class UrlMappings {
static mappings = {
"/$controller/$action?/$id?(.$format)?"{
constraints {
// apply constraints here
}
}
"/app/$controller/$action?/$id?" {
???
}
"/"(view:"/index")
"500"(view:'/error')
"404"(view:'/notFound')
}
}
Grails has the possibility to declare namespaces for Controllers. With this, you can put all your controllers under the namespace 'app', which should result in exactly your second question. See docs for more details.
The security restriction then be accomplished with normal spring security settings (#Secured e.g).
I'm trying to build some dynamic URL mappings that are based on the domain classes of the grails project. The goal is to use a single generic controller, but the URL decides which domain is being used for processing. The problem is now, that I don't get the desired URLs when using the <g:link /> tag.
I tried the following variants to create the URL mappings:
static mappings = {
Holders.grailsApplication.domainClasses.each {
"/admin/${it.propertyName}/$action?/$id?"(controller: "admin")
}
}
static mappings = {
"/admin/$domainClass/$action?/$id?"(controller: "admin")
}
Both variants work for the actual URL matching. But I personally don't like the behavior of the reverse URL mapping by grails. In case of variant 1, the reverse mapping always resolves to the last added URL mapping for the AdminController. For case 2 I have the problem that I would have to pass the domainClass-Parameter to every link-creating call, even though it is theoretically not necessary, since the information is already present in the current request.
I know there is the possibility of using named URL mappings and then using something like <g:link mapping="mapping_name" />. The problem is that I am using some generic application-wide partial-views, where I try to only provide the necessary information for creating a link, like <g:link action="something" />.
This leads to my two questions:
Is there a possibility to get g:link to build the URL based on the matched mapping in the current request?
Is there a way to get a reference to the mapping that matched the current request, so I can implement to desired behavior myself?
You could define named mappings like
Holders.grailsApplication.domainClasses.each { dc ->
name((dc.propertyName):"/admin/${dc.propertyName}/$action?/$id?" {
controller = "admin"
domainClass = dc.propertyName
})
}
With the mapping name saved in the params you can now do
<g:link mapping="${params.domainClass}">link text</g:link>
How do I create a urlmapping that maps controller A essentially as controller B?
I thought something like this would work, but no dice.
"/my/"(controller: 'other', action: '*')
When you specify a controller in UrlMappings, leave off the trailing "Controller" (e.g. "my", instead of "myController"). You also need some way of choosing which action.
You probably want something like "/my/$action?"(controller: 'my'), which maps urls like /my/foo to the foo action in MyController. The trailing question mark means the action part of the url is optional; /my will trigger MyController.index.
Note that the grails convention is already to map /my to MyController with the default mapping "/$controller/$action?/$id?"{}, so you don't need a special UrlMapping for your example. You might want to consider just using the defaults and follow the convention.
Recently, I'm trying to migrating my application from CakePHP to Grails. So far it's been a smooth sailing, everything I can do with CakePHP, I can do it with much less code in Grails. However, I have one question :
In CakePHP, there's an URL Prefix feature that enables you to give prefix to a certain action url, for example, if I have these actions in my controller :
PostController
admin_add
admin_edit
admin_delete
I can simply access it from the URL :
mysite/admin/post/add
mysite/admin/post/edit/1
mysite/admin/post/delete/2
instead of:
mysite/post/admin_add
mysite/post/admin_edit/1
mysite/post/admin_delete/2
Is there anyway to do this in Grails, or at least alternative of doing this?
Grails URL Mappings documentation doesn't help you in this particular case (amra, next time try it yourself and post an answer only if it's any help). Daniel's solution was close, but wouldn't work, because:
the action part must be in a closure when created dynamically
all named parameters excluding "controller", "action" and "id" are accessible via the params object
A solution could look like this:
"/admin/$controller/$adminAction?/$param?"{
action = { "admin_${params.adminAction}" }
}
The key is NOT to name the parameter as "action", because it seems to be directly mapped to an action and can not be overriden.
I also tried a dynamic solution with generic prefixes and it seems to work as well:
"/$prefix/$controller/$adminAction?/$param?"{
action = { "${params.prefix}_${params.adminAction}" }
}
I didn't test it, but try this:
"mysite/$prefix/$controller/$method/$id?"{
action = "${prefix}_${method}"
}
It constructs the action name from the prefix and the method.
Just take a look on grails URL Mappings documentation part