我收到以下错误
Class
org.springframework.expression.spel.SpelEvaluationException
Message
EL1008E:(pos 0): Field or property 'ADMIN_ROLE' cannot be found on object of type 'org.springframework.security.web.access.expression.WebSecurityExpressionRoot'
我正在尝试访问 My.GSP View ,并且我以 USER_ROLE
身份登录
--
import org.springframework.dao.DataIntegrityViolationException
import grails.plugin.springsecurity.annotation.Secured
class MyController {
static allowedMethods = [save: "POST", update: "POST", delete: "POST"]
@Secured(['ADMIN_ROLE','USER_ROLE'])
def index() {
redirect(action: "list", params: params)
}
@Secured(['USER_ROLE'])
def list(Integer max) {
params.max = Math.min(max ?: 10, 100)
[patientInstanceList: Patient.list(params), patientInstanceTotal: Patient.count()]
}
@Secured(['USER_ROLE'])
def create() {
[patientInstance: new Patient(params)]
}
@Secured(['USER_ROLE'])
def save() {
def patientInstance = new Patient(params)
if (!patientInstance.save(flush: true)) {
render(view: "create", model: [patientInstance: patientInstance])
return
}
flash.message = message(code: 'default.created.message', args: [message(code: 'patient.label', default: 'Patient'), patientInstance.id])
redirect(action: "show", id: patientInstance.id)
}
数据库
最佳答案
Grails 中 Spring Security 插件的默认设置角色名称必须以前缀 "ROLE_"
开头,因此请重命名您的 ADMIN_ROLE
到 ROLE_ADMIN
和 USER_ROLE
到 ROLE_USER
。
This forum post解释了为什么它在默认情况下会这样工作,以及如何根据需要进行不同的配置。
关于grails - 仅向具有 USER_ROLE 权限的用户授予访问权限,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24328781/