virtualdogbert / enforcer Goto Github PK
View Code? Open in Web Editor NEWThe Enforcer Grails plugin, is for enforcing business rules in Grails applications. Also it's an alternative to Spring Security ACL.
License: Apache License 2.0
The Enforcer Grails plugin, is for enforcing business rules in Grails applications. Also it's an alternative to Spring Security ACL.
License: Apache License 2.0
I'm planning on doing this and releasing Enforcer 2.0 sometime this week...
So in the next version I want to make it so that the Enforce transform can be applied to a class, which means it would be applied to each method in the class, but if there is already a method annotation that one would take precedence over the class annotation.
The Templates need some documentation.
Hey Tucker,
Recently I noticed one weird bug with Static type checking and Transactional behavior.
Simple code snipped:
@Transactional
class MyService {
@Enforce({hasRole('ADMIN')})
void foo() {
log.info("Hello from foo")
}
}
Here, Enforce annotation has no Static compilation marker, and thus I assume that Static type checking will not be performed. But in fact, the code can not be compiled:
> Task :compileGroovy FAILED
startup failed:
.../grails-app/services/com/MyService.groovy: 11: [Static type checking] - Cannot find matching method com.MyService#hasRole(java.lang.String). Please check if the declared type is correct and if the method exists.
@ line 11, column 15.
@Enforce({hasRole('ADMIN')})
^
1 error
If I replace Enforce
annotation by EnforceS
, than the output is the following:
> Task :server:compileGroovy FAILED
startup failed:
.../grails-app/services/com/MyService.groovy: 14: [Static type checking] - The variable [log] is undeclared.
@ line 14, column 9.
log.info("Hello from foo")
^
1 error
The code compiles correctly if I do one of the following:
Enforce
by EnforceTS
annotationEnforceTS
annotationTransactional
annotation from the class and from the methodI am not sure that this is correct behavior. Could you please take a look?
For some reason the where closures were causing me nothing but problems, so I swapped them with dynamic finders, but I'm not really happy with that as a solution, because, its pretty unreadable.
The where closure was returning records even when it shouldn't have, in the unit tests.
Unable to produce AST for this phase due to earlier compilation error:
startup failed:
script1509283741398.groovy: 34: [Static type checking] - The variable [sp] is undeclared.
@ line 34, column 25.
@Enforce({isCreator(sp)})
^
script1509283741398.groovy: 34: [Static type checking] - Cannot find matching method com.security.TestService#isCreator(java.lang.Object). Please check if the declared type is right and if the method exists.
@ line 34, column 15.
@Enforce({isCreator(sp)})
^
2 errors
Fix the above error(s) and then press Refresh
My feealing after looking at the code, I think that this is the line that is biting me:
https://github.com/grails/grails-data-mapping/blob/master/grails-datastore-gorm/src/main/groovy/org/grails/datastore/gorm/transform/AbstractMethodDecoratingTransformation.groovy#L225
Write some scripts to generate some crud ui to deal with domain roles.
I've already found the issue and fixed it, I just have to commit it up. The issue was how I was looking up the domain role and cheeking that it is in the role hierarchy. So the new code is ๐
DomainRole domainRole = DomainRole.findByDomainNameAndDomainIdAndUser(domainName, domainObject.id, user)
role in roleHierarchy[domainRole?.role]
So for an upgrade I'm going to bring the enforcer service into the plugin, and change the quick start script to an override, so that I can add the service in the ast, and just add the method call to it directory, rather than using Holders to look it up.
Documentation only makes it appear this plugin is compatible with grails 3.3.x. (Granted the plugin states def grailsVersion = '3.3.0 > *') I've tested the plugin and it seems to work in grails 4.0.x. Is there anyway you can specify the compatibility of the plugin in the documentation. I am getting some push back regarding this plugin in a project because it doesn't state explicitly compatibility with a non-end-of-life grails version.
Also, could you explain why this repo has a version of 1.3.4 and the latest release is 2.0.1 on the grails plugin website?
Thank you in advance for any clarification or updates you can provide.
Also, as a side note, we have tested in grails 4.0.x but also plan on updating our grails application to 5. So any information you might have in advance on compatibility with Grails 5 would also be beneficial.
Just to get ahead of this because the documentation mentions the 0.3.1 version, which you can get by adding from here:
https://bintray.com/virtualdogbert/plugins/virtualdogbert.plugins%3Aenforcer/0.3.1/view
adding this repo:
repositories {
maven {
url "http://dl.bintray.com/virtualdogbert/plugins"
}
}
Once my repo has been included in the main I'll close this ticket.
Create video tutorials on how and why to use enforcer, upload to youtube, and embed in the documentation.
I actually already have this done, but I have to some documentation.
Change it to be like my other AST transform:
https://github.com/virtualdogbert/testAst3_3/blob/master/src/ast/groovy/ast/virtualdogbert/ConfigASTTransformation.groovy#L102-L104
Add creator user field to domain object, and use it in the enforcer annotator for changeDomainRole, so that the original creator can add permission for themselves at the time of creation.
Add a check for isCreator to the DomainRoleTrait
Add documentation for creator.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.