我创建了全新的 Grails 项目,然后使用了 grails s2-快速入门 命令来获取 LoginController 和 User/UserRole 类。一切正常,我有一个登录页面。然后,我通过选择“生成 Controller 和 View ”在 GTS 中创建了用户 Controller 。生成的 UserController 如下所示:
import static org.springframework.http.HttpStatus.*
import grails.transaction.Transactional
@Transactional(readOnly = true)
class UserController {
static allowedMethods = [save: "POST", update: "PUT", delete: "DELETE"]
def index(Integer max) {
params.max = Math.min(max ?: 10, 100)
respond User.list(params), model:[userInstanceCount: User.count()]
}
def show(User userInstance) {
respond userInstance
}
def create() {
respond new User(params)
}
@Transactional
def save(User userInstance) {
if (userInstance == null) {
notFound()
return
}
if (userInstance.hasErrors()) {
respond userInstance.errors, view:'create'
return
}
userInstance.save flush:true
request.withFormat {
form multipartForm {
flash.message = message(code: 'default.created.message', args: [message(code: 'user.label', default: 'User'), userInstance.id])
redirect userInstance
}
'*' { respond userInstance, [status: CREATED] }
}
}
def edit(User userInstance) {
respond userInstance
}
@Transactional
def update(User userInstance) {
if (userInstance == null) {
notFound()
return
}
if (userInstance.hasErrors()) {
respond userInstance.errors, view:'edit'
return
}
userInstance.save flush:true
request.withFormat {
form multipartForm {
flash.message = message(code: 'default.updated.message', args: [message(code: 'User.label', default: 'User'), userInstance.id])
redirect userInstance
}
'*'{ respond userInstance, [status: OK] }
}
}
@Transactional
def delete(User userInstance) {
if (userInstance == null) {
notFound()
return
}
userInstance.delete flush:true
request.withFormat {
form multipartForm {
flash.message = message(code: 'default.deleted.message', args: [message(code: 'User.label', default: 'User'), userInstance.id])
redirect action:"index", method:"GET"
}
'*'{ render status: NO_CONTENT }
}
}
protected void notFound() {
request.withFormat {
form multipartForm {
flash.message = message(code: 'default.not.found.message', args: [message(code: 'user.label', default: 'User'), params.id])
redirect action: "index", method: "GET"
}
'*'{ render status: NOT_FOUND }
}
}
}
现在,当我想去/user/index 页面时,它会将我转发到登录页面......
如何改变它?如果这个问题是微不足道的,我对 Grails 完全陌生,很抱歉。
最佳答案
您需要通过在配置文件中指定 spring 安全 Controller 注释静态规则或在 Controller 上使用 Secured 注释来提供对特定角色的用户/索引的访问。
引用:http://grails-plugins.github.io/grails-spring-security-core/v3/index.html#secured-annotation
http://grails-plugins.github.io/grails-spring-security-core/v3/index.html#pessimistic-lockdown
关于Grails 简单的注册/登录表单,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37765142/