Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add/Remove Role from an User gives error when SpringSecurityCore classes are customized #124

Closed
tadeubas opened this issue Mar 8, 2021 · 0 comments · Fixed by #125
Closed

Add/Remove Role from an User gives error when SpringSecurityCore classes are customized #124

tadeubas opened this issue Mar 8, 2021 · 0 comments · Fixed by #125

Comments

@tadeubas
Copy link
Contributor

tadeubas commented Mar 8, 2021
edited
Loading

I've customized the following configs on Grails SpringSecurityCore Plugin:

  • grails.plugin.springsecurity.userLookup.userDomainClassName
  • grails.plugin.springsecurity.userLookup.authorityJoinClassName
  • grails.plugin.springsecurity.authority.className

Then on Grails SpringSecurityUI Plugin when I add/remove a Role from a User and it throws an exception.

Steps to Reproduce

  1. Create an app: download Grails 4 and java 8
  2. mkdir testapp
  3. cd testapp
  4. grails create-app
  5. Add the following dependencies to build.gradle:
dependencies {
...
compile "org.grails.plugins:spring-security-core:4.0.3"
compile "org.grails.plugins:spring-security-ui:4.0.0.M1"
}
  1. Generate the SpringSecurityCorePlugin custom classes: grails s2-quickstart testapp MyUser MyRole
  2. Customize application.groovy to access SpringSecurityUI Plugin with ROLE_ADMIN:
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
...
//Spring Security UI plugin:
[pattern: '/aclClass/**', access: ['ROLE_ADMIN']],
[pattern: '/aclEntry/**', access: ['ROLE_ADMIN']],
[pattern: '/aclObjectIdentity/**', access: ['ROLE_ADMIN']],
[pattern: '/aclSid/**', access: ['ROLE_ADMIN']],
[pattern: '/persistentLogin/**', access: ['ROLE_ADMIN']],
[pattern: '/register/**', access: ['ROLE_ADMIN']],
[pattern: '/registrationCode/**', access: ['ROLE_ADMIN']],
[pattern: '/requestmap/**', access: ['ROLE_ADMIN']],
[pattern: '/role/**', access: ['ROLE_ADMIN']],
[pattern: '/user/**', access: ['ROLE_ADMIN']],
[pattern: '/securityInfo/**', access: ['ROLE_ADMIN']],
]
  1. Customize BootStrap.groovy to create a MyUser with ROLE_ADMIN:
import grails.gorm.transactions.Transactional
...

def init = { servletContext ->
        addTestUser()
    }

@Transactional
    void addTestUser() {
        if (MyUser.count() == 0) {
            def adminRole = new MyRole(authority: 'ROLE_ADMIN').save()
            new MyRole(authority: 'ROLE_USER').save()
            new MyRole(authority: 'ROLE_SWITCH_USER').save()

            def testUser = new MyUser(username: 'admin', password: 'admin').save()

            MyUserMyRole.create testUser, adminRole

            MyUserMyRole.withSession {
                it.flush()
                it.clear()
            }
        }
    }
...
  1. Run the aplication: grails r-a
  2. Access: http://localhost:8080/login/auth
  3. Login with: user: admin pass: admin
  4. Search a user and click on admin
  5. Click on Roles tab, select a new Role (ex.: ROLE_USER) and click Update
  6. Error is shown on the terminal
  7. You could deselect the ROLE_ADMIN and click Update, an error would apper on the terminal too

Expected Behaviour

New relation with the Role should be saved correctly
OR
Remove the Role from user should work correctly

Actual Behaviour

It throws an exception

When adding a ROLE it shows:

2021-03-08 20:08:50.379 ERROR --- [nio-8080-exec-8] g.p.s.ui.SpringSecurityUiService         : Problem in grails.plugin.springsecurity.ui.SpringSecurityUiService@12567611 at "updateUserRoles" with bean MyUser: MyUser(username:admin)

groovy.lang.MissingPropertyException: No such property: user for class: testapp.MyUserMyRole
Possible solutions: myUser
        at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.unwrap(ScriptBytecodeAdapter.java:65)
        at org.codehaus.groovy.runtime.ScriptBytecodeAdapter.setProperty(ScriptBytecodeAdapter.java:498)
        at grails.plugin.springsecurity.ui.SpringSecurityUiService$__tt__addUserRoles_closure48.doCall(SpringSecurityUiService.groovy:413)
...

When removing a ROLE it shows:

2021-03-08 20:15:39.006 ERROR --- [nio-8080-exec-2] g.p.s.ui.SpringSecurityUiService         : Problem in grails.plugin.springsecurity.ui.SpringSecurityUiService@70cbe827 at "updateUserRoles" with bean MyUser: MyUser(username:admin)

groovy.lang.MissingPropertyException: No such property: user for class: org.grails.datastore.gorm.query.criteria.AbstractDetachedCriteria
        at org.grails.datastore.gorm.query.criteria.AbstractDetachedCriteria.propertyMissing(AbstractDetachedCriteria.groovy:998)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:101)
        at groovy.lang.MetaClassImpl.invokeMissingProperty(MetaClassImpl.java:880)
        at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:1868)
        at groovy.lang.MetaClassImpl.getProperty(MetaClassImpl.java:3797)
        at org.grails.datastore.gorm.query.criteria.AbstractDetachedCriteria.getProperty(AbstractDetachedCriteria.groovy)
        at org.codehaus.groovy.runtime.InvokerHelper.getProperty(InvokerHelper.java:190)
        at groovy.lang.Closure.getPropertyTryThese(Closure.java:313)
        at groovy.lang.Closure.getPropertyDelegateFirst(Closure.java:303)
        at groovy.lang.Closure.getProperty(Closure.java:288)
        at org.codehaus.groovy.runtime.callsite.PogoGetPropertySite.getProperty(PogoGetPropertySite.java:49)
        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callGroovyObjectGetProperty(AbstractCallSite.java:309)
        at grails.plugin.springsecurity.ui.SpringSecurityUiService$__tt__removeUserRole_closure49.doCall(SpringSecurityUiService.groovy:446)
...

Environment Information

  • Operating System: Ubuntu on Windows Subsystem for Linux (WSL)
  • GORM Version: 7.0.8.RELEASE
  • Grails Version (if using Grails): Grails 4.0.8
  • JDK Version: 8.0.282-zulu

Example Application

https://github.com/tadeubas/grails4-spring-security-example
@tadeubas tadeubas changed the title [WIP]Add/Remove Role from an User gives error when SpringSecurityCore classes are customized Add/Remove Role from an User gives error when SpringSecurityCore classes are customized Mar 8, 2021
tadeubas added a commit to tadeubas/grails-spring-security-ui that referenced this issue Mar 8, 2021
@tadeubas
Fix for issue "Add/Remove Role from an User gives error when SpringSe…
dfac560 
…curityCore classes are customized" grails#124
@tadeubas tadeubas mentioned this issue Mar 8, 2021
Merged
puneetbehl pushed a commit to tadeubas/grails-spring-security-ui that referenced this issue Sep 6, 2022
@tadeubas @puneetbehl
Fix for issue "Add/Remove Role from an User gives error when SpringSe…
8143dab 
…curityCore classes are customized" grails#124
puneetbehl added a commit that referenced this issue Sep 6, 2022
@puneetbehl
Merge pull request #125 from tadeubas/master
f39beb0 
Fix for issue #124 when "Add/Remove Role from an User"
@puneetbehl puneetbehl linked a pull request Sep 9, 2022 that will close this issue
Fix for issue #124 when "Add/Remove Role from an User" #125
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix for issue #124 when "Add/Remove Role from an User" tadeubas/grails-spring-security-ui
2 participants
@puneetbehl @tadeubas