Spring Security Core Plugin 二 (领域类)
Person Class
自定义时username, enabled 和password是必备三个属性, 另外还需要定义一个authorities属性或getAuthorities方法.
package com.mycompany.myapp
import groovy.transform.EqualsAndHashCode
import groovy.transform.ToString
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@EqualsAndHashCode(includes='username')
@ToString(includes='username', includeNames=true, includePackage=false)
class User implements Serializable {
private static final long serialVersionUID = 1
String username
String password
boolean enabled = true
boolean accountExpired
boolean accountLocked
boolean passwordExpired
Set getAuthorities() {
(UserRole.findAllByUser(this) as List)*.role as Set
}
static constraints = {
password blank: false, password: true
username blank: false, unique: true
}
static mapping = {
password column: '`password`'
}
} | Property | Default Value | Meaning |
|---|---|---|
| userLookup.userDomainClassName |
none |
User class name |
| userLookup.usernamePropertyName |
“username” |
User class username property |
| userLookup.passwordPropertyName |
“password” |
User class password property |
| userLookup.authoritiesPropertyName |
“authorities” |
User class role collection property |
| userLookup.enabledPropertyName |
“enabled” |
User class enabled property |
| userLookup.accountExpiredPropertyName |
“accountExpired” |
User class account expired property |
| userLookup.accountLockedPropertyName |
“accountLocked” |
User class account locked property |
| userLookup.passwordExpiredPropertyName |
“passwordExpired” |
User class password expired property |
| userLookup.authorityJoinClassName |
none |
User/Role many-many join class name |
Authority Class
没有权限时, 对应一个虚拟的角色ROLE_NO_ROLES.
自定义时, authority属性是必须属性. 角色名称必须以ROLE_开头
package com.mycompany.myapp
import groovy.transform.EqualsAndHashCode
import groovy.transform.ToString
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@EqualsAndHashCode(includes='authority')
@ToString(includes='authority', includeNames=true, includePackage=false)
class Role implements Serializable {
private static final long serialVersionUID = 1
String authority
static constraints = {
authority blank: false, unique: true
}
static mapping = {
cache true
}
}| Property | Default Value | Meaning |
|---|---|---|
| authority.className |
none |
Role class name |
| authority.nameField |
“authority” |
Role class role name property |
PersonAuthority Class
角色和用户多对多关系映射
package com.mycompany.myapp
import grails.gorm.DetachedCriteria
import groovy.transform.ToString
import org.codehaus.groovy.util.HashCodeHelper
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@ToString(cache=true, includeNames=true, includePackage=false)
class UserRole implements Serializable {
private static final long serialVersionUID = 1
User user
Role role
@Override
boolean equals(other) {
if (other instanceof UserRole) {
other.userId == user?.id && other.roleId == role?.id
}
}
@Override
int hashCode() {
int hashCode = HashCodeHelper.initHash()
if (user) {
hashCode = HashCodeHelper.updateHash(hashCode, user.id)
}
if (role) {
hashCode = HashCodeHelper.updateHash(hashCode, role.id)
}
hashCode
}
static UserRole get(long userId, long roleId) {
criteriaFor(userId, roleId).get()
}
static boolean exists(long userId, long roleId) {
criteriaFor(userId, roleId).count()
}
private static DetachedCriteria criteriaFor(long userId, long roleId) {
UserRole.where {
user == User.load(userId) &&
role == Role.load(roleId)
}
}
static UserRole create(User user, Role role, boolean flush = false) {
def instance = new UserRole(user: user, role: role)
instance.save(flush: flush)
instance
}
static boolean remove(User u, Role r) {
if (u != null && r != null) {
UserRole.where { user == u && role == r }.deleteAll()
}
}
static int removeAll(User u) {
u == null ? 0 : UserRole.where { user == u }.deleteAll() as int
}
static int removeAll(Role r) {
r == null ? 0 : UserRole.where { role == r }.deleteAll() as int
}
static constraints = {
role validator: { Role r, UserRole ur ->
if (ur.user?.id) {
UserRole.withNewSession {
if (UserRole.exists(ur.user.id, r.id)) {
return ['userRole.exists']
}
}
}
}
}
static mapping = {
id composite: ['user', 'role']
version false
}
}| Property | Default Value | Meaning |
|---|---|---|
| userLookup.authorityJoinClassName |
none |
User/Role many-many join class name |
Group Class
组用户类
package com.mycompany.myapp
import groovy.transform.EqualsAndHashCode
import groovy.transform.ToString
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@EqualsAndHashCode(includes='name')
@ToString(includes='name', includeNames=true, includePackage=false)
class RoleGroup implements Serializable {
private static final long serialVersionUID = 1
String name
Set getAuthorities() {
(RoleGroupRole.findAllByRoleGroup(this) as List)*.role as Set
}
static constraints = {
name blank: false, unique: true
}
static mapping = {
cache true
}
} | Property | Default Value | Meaning |
|---|---|---|
| useRoleGroups |
|
Whether to use “authority group” implementation when loading user authorities |
| authority.groupAuthorityNameField |
none |
RoleGroup class role collection property |
PersonGroup Class
用户和组多对多映射.
package com.mycompany.myapp
import grails.gorm.DetachedCriteria
import groovy.transform.ToString
import org.codehaus.groovy.util.HashCodeHelper
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@ToString(cache=true, includeNames=true, includePackage=false)
class UserRoleGroup implements Serializable {
private static final long serialVersionUID = 1
User user
RoleGroup roleGroup
@Override
boolean equals(other) {
if (other instanceof UserRoleGroup) {
other.userId == user?.id && other.roleGroupId == roleGroup?.id
}
}
@Override
int hashCode() {
int hashCode = HashCodeHelper.initHash()
if (user) {
hashCode = HashCodeHelper.updateHash(hashCode, user.id)
}
if (roleGroup) {
hashCode = HashCodeHelper.updateHash(hashCode, roleGroup.id)
}
hashCode
}
static UserRoleGroup get(long userId, long roleGroupId) {
criteriaFor(userId, roleGroupId).get()
}
static boolean exists(long userId, long roleGroupId) {
criteriaFor(userId, roleGroupId).count()
}
private static DetachedCriteria criteriaFor(long userId, long roleGroupId) {
UserRoleGroup.where {
user == User.load(userId) &&
roleGroup == RoleGroup.load(roleGroupId)
}
}
static UserRoleGroup create(User user, RoleGroup roleGroup, boolean flush = false) {
def instance = new UserRoleGroup(user: user, roleGroup: roleGroup)
instance.save(flush: flush)
instance
}
static boolean remove(User u, RoleGroup rg) {
if (u != null && rg != null) {
UserRoleGroup.where { user == u && roleGroup == rg }.deleteAll()
}
}
static int removeAll(User u) {
u == null ? 0 : UserRoleGroup.where { user == u }.deleteAll() as int
}
static int removeAll(RoleGroup rg) {
rg == null ? 0 : UserRoleGroup.where { roleGroup == rg }.deleteAll() as int
}
static constraints = {
user validator: { User u, UserRoleGroup ug ->
if (ug.roleGroup?.id) {
UserRoleGroup.withNewSession {
if (UserRoleGroup.exists(u.id, ug.roleGroup.id)) {
return ['userGroup.exists']
}
}
}
}
}
static mapping = {
id composite: ['roleGroup', 'user']
version false
}
}GroupAuthority Class
组和权限多对多映射
package com.mycompany.myapp
import grails.gorm.DetachedCriteria
import groovy.transform.ToString
import org.codehaus.groovy.util.HashCodeHelper
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@ToString(cache=true, includeNames=true, includePackage=false)
class RoleGroupRole implements Serializable {
private static final long serialVersionUID = 1
RoleGroup roleGroup
Role role
@Override
boolean equals(other) {
if (other instanceof RoleGroupRole) {
other.roleId == role?.id && other.roleGroupId == roleGroup?.id
}
}
@Override
int hashCode() {
int hashCode = HashCodeHelper.initHash()
if (roleGroup) {
hashCode = HashCodeHelper.updateHash(hashCode, roleGroup.id)
}
if (role) {
hashCode = HashCodeHelper.updateHash(hashCode, role.id)
}
hashCode
}
static RoleGroupRole get(long roleGroupId, long roleId) {
criteriaFor(roleGroupId, roleId).get()
}
static boolean exists(long roleGroupId, long roleId) {
criteriaFor(roleGroupId, roleId).count()
}
private static DetachedCriteria criteriaFor(long roleGroupId, long roleId) {
RoleGroupRole.where {
roleGroup == RoleGroup.load(roleGroupId) &&
role == Role.load(roleId)
}
}
static RoleGroupRole create(RoleGroup roleGroup, Role role, boolean flush = false) {
def instance = new RoleGroupRole(roleGroup: roleGroup, role: role)
instance.save(flush: flush)
instance
}
static boolean remove(RoleGroup rg, Role r) {
if (rg != null && r != null) {
RoleGroupRole.where { roleGroup == rg && role == r }.deleteAll()
}
}
static int removeAll(Role r) {
r == null ? 0 : RoleGroupRole.where { role == r }.deleteAll() as int
}
static int removeAll(RoleGroup rg) {
rg == null ? 0 : RoleGroupRole.where { roleGroup == rg }.deleteAll() as int
}
static constraints = {
role validator: { Role r, RoleGroupRole rg ->
if (rg.roleGroup?.id) {
RoleGroupRole.withNewSession {
if (RoleGroupRole.exists(rg.roleGroup.id, r.id)) {
return ['roleGroup.exists']
}
}
}
}
}
static mapping = {
id composite: ['roleGroup', 'role']
version false
}
}Requestmap Class
在数据库中保存request mapping.
| Property | Default Value | Meaning |
|---|---|---|
| requestMap.className |
none |
requestmap class name |
| requestMap.urlField |
“url” |
URL pattern property name |
| requestMap.configAttributeField |
“configAttribute” |
authority pattern property name |
| requestMap.httpMethodField |
“httpMethod” |
HTTP method property name (optional, does not have to exist in the class if you don’t require URL/method security) |
package com.mycompany.myapp
import org.springframework.http.HttpMethod
import groovy.transform.EqualsAndHashCode
import groovy.transform.ToString
import grails.compiler.GrailsCompileStatic
@GrailsCompileStatic
@EqualsAndHashCode(includes=['configAttribute', 'httpMethod', 'url'])
@ToString(includes=['configAttribute', 'httpMethod', 'url'], cache=true, includeNames=true, includePackage=false)
class RequestMap implements Serializable {
private static final long serialVersionUID = 1
String configAttribute
HttpMethod httpMethod
String url
static constraints = {
configAttribute blank: false
httpMethod nullable: true
url blank: false, unique: 'httpMethod'
}
static mapping = {
cache true
}
}
最后欢迎大家访问我的个人网站:1024s