How to save automatically the current logged in user to domain with Grails?

1
votes

I've a question about Grails (using version 2.3.7). I would like to save the username of the current logged in user (I'm using the spring security core plugin) to all my domains, so the user can only see/edit his own data if he logs in. To filter the content by user it is necessary to save the username with the data to the database.

I didn't find an example how to do this in an easy and appropriate way. It is not really necessary to add the username manually on every single Controller and in every method?? (save, edit etc.)

Thanks for any help, sbr

EDIT: What I need is something that is described here: http://www.javacodegeeks.com/2013/11/getting-started-with-method-security-in-grails-using-spring-security.html So I extended my Domain-Class with "static belongsTo = [author: User]" and the User-Class with "static hasMany = [notes: Note]". But now when I want to save a new Domain I receive the error that the author cannot be null. So HOW to fill this property with the current logged in user?

1
databasesecuritygrailssave
I suggest you look at the ACL plugin. It's a lot of reading but it's designed to do exactly what you are looking to do. grails.org/plugin/spring-security-aclJoshua Moore
thanks I already had a look on this plugin and I had the impression it is too big and mighty for my needs. Isn't it possible to define a default value with the user on the domain class? Or if I really need the ACL plugin, does anyone know a tutorial for this issue?sbr11
If you really want to head down that road then this will help put you on the right path: stackoverflow.com/questions/6984031/…Joshua Moore
okay I dont't think that I want to do meta-programming. I'm just wondering that there is no smaller solution. Do you know how to configure the ACL plugin for my needs?sbr11
I don't know how to configure the ACL plugin for your needs, but you could always use the suggestion in the link I provided you of extending a base class for all your domains which would include the username. If you like I can try and write up an example as an answer. Be aware though, this approach will prevent you from extending your classes any further. Since a class can only extend one class. Even then though, you will have to deal with filtering on your own. Which could be done using the hibernate filters plugin. I think.Joshua Moore

1 Answers

0
votes

I would like to save the username of the current logged in user (I'm using the spring security core plugin) to all my domains, so the user can only see/edit his own data if he logs in.

It sounds like you were considering adding the username to the domain classes owned by a user? This is not a good approach, you should instead add an association between User and these domain class.

But now when I want to save a new Domain I receive the error that the author cannot be null. So HOW to fill this property with the current logged in user? 

class NoteService {
  SpringSecurityService springSecurityService

  Note saveNote(Note note) {
    User currentUser = springSecurityService.currentUser
    currentUser.addToNotes(note)
    note.save()
  }
}