virtualdogbert / enforcer Goto Github PK

I'm planning on doing this and releasing Enforcer 2.0 sometime this week...

So in the next version I want to make it so that the Enforce transform can be applied to a class, which means it would be applied to each method in the class, but if there is already a method annotation that one would take precedence over the class annotation.

The Templates need some documentation.

Hey Tucker,

Recently I noticed one weird bug with Static type checking and Transactional behavior.
Simple code snipped:

@Transactional
class MyService {

    @Enforce({hasRole('ADMIN')})
    void foo() {
        log.info("Hello from foo")
    }

}

Here, Enforce annotation has no Static compilation marker, and thus I assume that Static type checking will not be performed. But in fact, the code can not be compiled:

> Task :compileGroovy FAILED
startup failed:
.../grails-app/services/com/MyService.groovy: 11: [Static type checking] - Cannot find matching method com.MyService#hasRole(java.lang.String). Please check if the declared type is correct and if the method exists.
 @ line 11, column 15.
       @Enforce({hasRole('ADMIN')})
                 ^

1 error

If I replace Enforce annotation by EnforceS, than the output is the following:

> Task :server:compileGroovy FAILED
startup failed:
.../grails-app/services/com/MyService.groovy: 14: [Static type checking] - The variable [log] is undeclared.
 @ line 14, column 9.
           log.info("Hello from foo")
           ^

1 error

The code compiles correctly if I do one of the following:

1. Replace Enforce by EnforceTS annotation
2. Add another method marked by EnforceTS annotation
3. Remove Transactional annotation from the class and from the method

I am not sure that this is correct behavior. Could you please take a look?

For some reason the where closures were causing me nothing but problems, so I swapped them with dynamic finders, but I'm not really happy with that as a solution, because, its pretty unreadable.

The where closure was returning records even when it shouldn't have, in the unit tests.

Unable to produce AST for this phase due to earlier compilation error:
startup failed:
script1509283741398.groovy: 34: [Static type checking] - The variable [sp] is undeclared.
@ line 34, column 25.
@Enforce({isCreator(sp)})
^

script1509283741398.groovy: 34: [Static type checking] - Cannot find matching method com.security.TestService#isCreator(java.lang.Object). Please check if the declared type is right and if the method exists.
@ line 34, column 15.
@Enforce({isCreator(sp)})
^

2 errors

Fix the above error(s) and then press Refresh

My feealing after looking at the code, I think that this is the line that is biting me:
https://github.com/grails/grails-data-mapping/blob/master/grails-datastore-gorm/src/main/groovy/org/grails/datastore/gorm/transform/AbstractMethodDecoratingTransformation.groovy#L225

Write some scripts to generate some crud ui to deal with domain roles.

I've already found the issue and fixed it, I just have to commit it up. The issue was how I was looking up the domain role and cheeking that it is in the role hierarchy. So the new code is 👍

DomainRole domainRole = DomainRole.findByDomainNameAndDomainIdAndUser(domainName, domainObject.id, user)
role in roleHierarchy[domainRole?.role]

So for an upgrade I'm going to bring the enforcer service into the plugin, and change the quick start script to an override, so that I can add the service in the ast, and just add the method call to it directory, rather than using Holders to look it up.

Documentation only makes it appear this plugin is compatible with grails 3.3.x. (Granted the plugin states def grailsVersion = '3.3.0 > *') I've tested the plugin and it seems to work in grails 4.0.x. Is there anyway you can specify the compatibility of the plugin in the documentation. I am getting some push back regarding this plugin in a project because it doesn't state explicitly compatibility with a non-end-of-life grails version.

Also, could you explain why this repo has a version of 1.3.4 and the latest release is 2.0.1 on the grails plugin website?

Thank you in advance for any clarification or updates you can provide.

Also, as a side note, we have tested in grails 4.0.x but also plan on updating our grails application to 5. So any information you might have in advance on compatibility with Grails 5 would also be beneficial.

Just to get ahead of this because the documentation mentions the 0.3.1 version, which you can get by adding from here:
https://bintray.com/virtualdogbert/plugins/virtualdogbert.plugins%3Aenforcer/0.3.1/view

adding this repo:

repositories {
maven {
url "http://dl.bintray.com/virtualdogbert/plugins"
}
}

Once my repo has been included in the main I'll close this ticket.

Create video tutorials on how and why to use enforcer, upload to youtube, and embed in the documentation.

I actually already have this done, but I have to some documentation.

Change it to be like my other AST transform:
https://github.com/virtualdogbert/testAst3_3/blob/master/src/ast/groovy/ast/virtualdogbert/ConfigASTTransformation.groovy#L102-L104

Add creator user field to domain object, and use it in the enforcer annotator for changeDomainRole, so that the original creator can add permission for themselves at the time of creation.

Add a check for isCreator to the DomainRoleTrait

Add documentation for creator.