fixes bug #14 - 'implement basic access control', incorporating the G…

…rails Shiro plugin

.classpath

@@ -10,6 +10,7 @@
 	<classpathentry kind="src" path="grails-app/utils"/>
 	<classpathentry kind="src" path="test/integration"/>
 	<classpathentry kind="src" path="test/unit"/>
+	<classpathentry kind="src" path="grails-app/realms"/>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
 	<classpathentry kind="src" path=".link_to_grails_plugins/feeds-1.5/grails-app/i18n">
 		<attributes>
@@ -31,6 +32,36 @@
 			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry excluding="BuildConfig.groovy|*DataSource.groovy|UrlMappings.groovy|Config.groovy|BootStrap.groovy|spring/resources.groovy" kind="src" path=".link_to_grails_plugins/jaxrs-0.8/grails-app/conf">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/jaxrs-0.8/grails-app/controllers">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/jaxrs-0.8/grails-app/i18n">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/jaxrs-0.8/grails-app/resources">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/jaxrs-0.8/src/groovy">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/jaxrs-0.8/src/java">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry kind="src" path=".link_to_grails_plugins/jms-1.2/grails-app/services">
 		<attributes>
 			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
@@ -116,6 +147,36 @@
 			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry excluding="BuildConfig.groovy|*DataSource.groovy|UrlMappings.groovy|Config.groovy|BootStrap.groovy|spring/resources.groovy" kind="src" path=".link_to_grails_plugins/shiro-1.1.4/grails-app/conf">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/shiro-1.1.4/grails-app/i18n">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/shiro-1.1.4/grails-app/services">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/shiro-1.1.4/grails-app/taglib">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/shiro-1.1.4/src/groovy">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path=".link_to_grails_plugins/shiro-1.1.4/src/java">
+		<attributes>
+			<attribute name="org.grails.ide.eclipse.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry kind="con" path="org.grails.ide.eclipse.core.CLASSPATH_CONTAINER"/>
 	<classpathentry kind="output" path="target-eclipse/classes"/>
 </classpath>

.settings/org.eclipse.core.resources.prefs

@@ -1,9 +1,11 @@
 eclipse.preferences.version=1
 encoding//.link_to_grails_plugins/feeds-1.5/grails-app/i18n/messages.properties=UTF-8
 encoding//.link_to_grails_plugins/hibernate-2.2.3/grails-app/i18n/messages.properties=UTF-8
+encoding//.link_to_grails_plugins/jaxrs-0.8/grails-app/i18n/messages.properties=UTF-8
 encoding//.link_to_grails_plugins/jquery-1.4.4.1/grails-app/i18n/messages.properties=UTF-8
 encoding//.link_to_grails_plugins/navigation-1.1.1/grails-app/i18n/messages.properties=UTF-8
 encoding//.link_to_grails_plugins/quartz-1.0-RC9/grails-app/i18n/messages.properties=UTF-8
+encoding//.link_to_grails_plugins/shiro-1.1.4/grails-app/i18n/messages.properties=UTF-8
 encoding//grails-app/i18n/messages.properties=UTF-8
 encoding//grails-app/i18n/messages_de.properties=UTF-8
 encoding//grails-app/i18n/messages_es.properties=UTF-8
@@ -15,3 +17,4 @@ encoding//grails-app/i18n/messages_pt_BR.properties=UTF-8
 encoding//grails-app/i18n/messages_ru.properties=UTF-8
 encoding//grails-app/i18n/messages_th.properties=UTF-8
 encoding//grails-app/i18n/messages_zh_CN.properties=UTF-8
+encoding//grails-app/i18n/shiro.properties=UTF-8

grails-app/conf/BootStrap.groovy

@@ -7,13 +7,15 @@ import org.apache.lucene.index.IndexWriter.MaxFieldLength
 import org.apache.lucene.store.Directory
 import org.apache.lucene.store.NIOFSDirectory
 import org.apache.lucene.util.Version
+import org.fogbeam.neddick.AccountRole
 import org.fogbeam.neddick.Channel
 import org.fogbeam.neddick.User
 
 class BootStrap {
 
 	 def entryCacheService;
 	 def siteConfigService;
+	 def userService;
 
      def init = { servletContext ->
 
@@ -23,7 +25,8 @@ class BootStrap {
 	     {
 	         case Environment.DEVELOPMENT:
 	        	 createDefaultChannel();
-	        	 createAdminUser();
+				 createRoles();
+				 createAdminUser();
 	             createSomeUsers();
 				 createSomeChannels();
 	             createAnonymousUser();
@@ -114,15 +117,130 @@ class BootStrap {
 		 }
 	}
 
+
+	 void createRoles()
+	 {
+
+		 println "Creating roles...";
+		 AccountRole userRole = userService.findAccountRoleByName( "user" );
+		 if( userRole != null )
+		 {
+			 println "Existing AccountRole user found";
+		 }
+		 else
+		 {
+			 println "No existing AccountRole user found, so creating now...";
+
+			userRole = new AccountRole( name: "user" );
+			 // userRole.addToPermissions( "admin:*" );
+			 userRole.addToPermissions( "channel:*" );
+			 userRole.addToPermissions( "comment:*" );
+			 userRole.addToPermissions( "entry:*" );
+			 userRole.addToPermissions( "filter:*" );
+			 userRole.addToPermissions( "home:*" );
+			 // userRole.addToPermissions( "queue:*" );
+			 userRole.addToPermissions( "rssFeed:*" );
+			 // userRole.addToPermissions( "schedule:*" );
+			 userRole.addToPermissions( "search:*" );
+			 userRole.addToPermissions( "share:*" );
+			 // userRole.addToPermissions( "siteConfigEntry:*" );
+			 userRole.addToPermissions( "tag:*" );
+			 userRole.addToPermissions( "trigger:*" );
+			 userRole.addToPermissions( "user:*" );
+			 userRole.addToPermissions( "userHome:*" );
+			 userRole.addToPermissions( "vote:*" );
+
+			userRole = userService.createAccountRole( userRole );
+
+			if( !userRole )
+			{
+				println "Error creating userRole";
+			}
+
+		 }
+
+		 AccountRole adminRole = userService.findAccountRoleByName( "admin" );
+		 if( adminRole != null )
+		 {
+			 println "Existing AccountRole admin found";
+		 }
+		 else
+		 {
+			 println "No existing AccountRole admin found, so creating now...";
+
+			 adminRole = new AccountRole( name: "admin" );
+
+			 adminRole.addToPermissions( "admin:*" );
+			 adminRole.addToPermissions( "channel:*" );
+			 adminRole.addToPermissions( "comment:*" );
+			 adminRole.addToPermissions( "entry:*" );
+			 adminRole.addToPermissions( "filter:*" );
+			 adminRole.addToPermissions( "home:*" );
+			 adminRole.addToPermissions( "queue:*" );
+			 adminRole.addToPermissions( "rssFeed:*" );
+			 adminRole.addToPermissions( "schedule:*" );
+			 adminRole.addToPermissions( "search:*" );
+			 adminRole.addToPermissions( "share:*" );
+			 adminRole.addToPermissions( "siteConfigEntry:*" );
+			 adminRole.addToPermissions( "tag:*" );
+			 adminRole.addToPermissions( "trigger:*" );
+			 adminRole.addToPermissions( "user:*" );
+			 adminRole.addToPermissions( "userHome:*" );
+			 adminRole.addToPermissions( "vote:*" );
+
+
+			 adminRole = userService.createAccountRole( adminRole );
+
+			 if( !adminRole )
+			 {
+				 println "Error creating adminRole";
+			 }
+
+		 }
+
+
+
+	 }
+
+
      void createSomeUsers()
-     {
+     {  
+		 AccountRole userRole = userService.findAccountRoleByName( "user" );
+
+		 if( userRole == null )
+		 {
+			 println "did not locate user role!";
+		 }
+
+
+		 AccountRole adminRole = userService.findAccountRoleByName( "admin" );
+		 if( adminRole == null )
+		 {
+			 println "did not locate admin role!";
+		 }
+
+
          if( !User.findByUserId( "prhodes" ))
          {
              log.info( "Fresh Database, creating PRHODES user" );
-             def user = new User( userId: "prhodes", password: "secret",
-                     fullName: "Phillip Rhodes", email: "prhodes@example.com", bio:"" );
-
-             if( !user.save() )
+			 def userPrhodes = new User();
+
+			 println "Could not find prhodes";
+			 println "Creating new prhodes user";
+			 userPrhodes = new User();
+			 userPrhodes.uuid = "abc123";
+			 userPrhodes.fullName = "Phillip Rhodes";
+			 userPrhodes.email = "motley.crue.fan@gmail.com";
+			 userPrhodes.userId = "prhodes";
+			 userPrhodes.password = "secret";
+			 userPrhodes.bio = "bio";
+
+
+			 userPrhodes.addToRoles( userRole );
+			 userPrhodes.addToRoles( adminRole );
+
+
+             if( !userPrhodes.save() )
              {
                  log.error( "Saving PRHODES user failed!");
              }
@@ -137,10 +255,22 @@ class BootStrap {
          {
              if( !User.findByUserId( "testuser${i}" ))
              {
-                 log.info( "Fresh Database, creating TESTUSER ${i} user" );
-                 def user = new User( userId: "testuser${i}", password: "secret",
-                         fullName: "Test User ${i}", email: "testuser${i}@example.com", bio:"" );
 
+
+
+				 log.info( "Fresh Database, creating TESTUSER ${i} user" );
+				 def user = new User();
+
+				 user = new User();
+				 user.fullName = "Test User${i}";
+				 user.email = "testuser${i}@example.com";
+				 user.userId = "testuser${i}";
+				 user.password = "secret";
+				 user.bio = "bio";
+
+
+				 user.addToRoles( userRole );
+
                  if( !user.save() )
                  {
                      log.error( "Saving TESTUSER ${i} user failed!");
@@ -156,12 +286,34 @@ class BootStrap {
 
      void createAnonymousUser()
      {
+
+		 AccountRole userRole = userService.findAccountRoleByName( "user" );
+
+		 if( userRole == null )
+		 {
+			 println "did not locate user role!";
+		 }
+
+
+		 AccountRole adminRole = userService.findAccountRoleByName( "admin" );
+		 if( adminRole == null )
+		 {
+			 println "did not locate admin role!";
+		 }
+
          if( !User.findByUserId( "anonymous" ))
          {
              log.info( "Fresh Database, creating ANONYMOUS user" );
-             def user = new User( userId: "anonymous", password: "secret",
-                     fullName: "Anonymous User", email: "anonymous@yourhost.com", bio:"" );
+             def user = new User();
+			 user.userId = "anonymous";
+			 user.password = "secret";
+			 user.fullName = "Anonymous User";
+			 user.email = "anonymous@yourhost.com";
+			 user.bio = "";
 
+			 user.addToRoles( userRole );
+
+
              if( !user.save() )
              {
                  log.error( "Saving ANONYMOUS user failed!");
@@ -176,11 +328,36 @@ class BootStrap {
 
      void createAdminUser()
      {
+
+		 AccountRole userRole = userService.findAccountRoleByName( "user" );
+
+		 if( userRole == null )
+		 {
+			 println "did not locate user role!";
+		 }
+
+
+		 AccountRole adminRole = userService.findAccountRoleByName( "admin" );
+		 if( adminRole == null )
+		 {
+			 println "did not locate admin role!";
+		 }
+
          if( !User.findByUserId( "admin" ))
          {
              log.info( "Fresh Database, creating ADMIN user" );
-             def user = new User( userId: "admin", password: "secret",
-            		 fullName: "Site Administrator", email: "admin@yourhost.com", bio:"" );
+             def user = new User();
+
+			 user.userId = "admin";
+			 user.password = "secret";
+			 user.fullName = "Site Administrator";
+			 user.email = "admin@yourhost.com";
+			 user.bio = "";
+
+
+			 user.addToRoles( userRole );
+			 user.addToRoles( adminRole );
+
              if( !user.save() )
              {
             	 log.error( "Saving ADMIN user failed!");

grails-app/conf/BuildConfig.groovy

@@ -19,8 +19,27 @@ grails.project.dependency.resolution = {
 	//mavenRepo "http://repository.jboss.com/maven2/"
  } 
  dependencies { 
-	     // specify dependencies here under either 'build', 'compile', ...
+	    // specify dependencies here under either 'build', 'compile', ...
 
-	     // runtime 'mysql:mysql-connector-java:5.1.5' 
-	     } 
+ 		// runtime 'mysql:mysql-connector-java:5.1.5'
+
+	 	compile "org.grails:grails-webflow:$grailsVersion"
+
+
+	}
+
+ plugins {
+
+	 compile ':webflow:2.0.0', {
+		 exclude 'grails-webflow'
+	 	}
+
+	 runtime( ":shiro:1.1.4" ){
+		 exclude 'quartz';
+	 	}
+
+	 compile ":jaxrs:0.8"
+
+   }
+
 }