how to detect whether a uri is allow by shiro or extract controller name from uri

Question

i have a uri such as someController/someAction?param1=aa&param2=bb

is there some method of grails can extract controller name and action name from this uri.

or shiro has any method to detect this uri is permitted?

i have a domain Menu(name,url), and now want to get the menu list which is permitted for current user.

url such as /auth/login(may be mapping as user:login), /user/login

so 2 days ago i ask this question.

now i change the menu to (name,controller,action,param),and filter the menulist like this:

def subject = SecurityUtils.subject;
menuList.each{
  if(it.permission){
     def perm = shiroPermissionResolver.resolvePermission("${it.permission.controller}:${it.permission.action}")
     def isPermitted = subject.isPermitted(perm)
     println "$isPermitted -> ${it.permission.controller}:${it.permission.action}"
  }
}

sorry for my poor english,and thanks for reply.

btw,here is another question of how to cache shiro: how to use cache permissions in grails shiro

To proflux: so what do u think is the better way to store menulist? cause:

it need to show different menu to user due to their permissions.
sometime we update a webapp, but want to show menu to user later. so we only need to change such as a menu.visible. (better than change hard code cfg or source).
we areusing extjs to show the menu(so nav plugin cant use).

Sorry because I can't get the question, could you give me an example? — Hoàng Long, Dec 13 '10 at 02:59
i just think that if i have a url,how to change it to controller+action. maybe /auth/login is mapping to user:login — atian25, Dec 14 '10 at 09:09
Can you help me understand why you're storing your user interface menu in a domain class? — chrislatimer, Dec 15 '10 at 17:45

score 3 · Answer 1 · answered Dec 13 '10 at 16:47

3

Shiro uses the convention of $controller:$action for permissions. You have two options:

Use the Shiro Tags
Use the Shiro API directly

In the first case, in your GSP you can add something like:

<shiro:hasPermission permission="someController:someAction">
     <g:link...>
</shiro:hasPermission>
<shiro:lacksPermission permission="someController:someAction">
     No link
</shiro:lacksPermission>

Alternatively, you can use the <g:if...> tag and use the

SecurityUtils.subject.isPermitted("someController:someAction")

method to directly check if the user has the necessary permission.

For more info, check out the Grails Shiro Tag Library Source and the Shiro API docs.

answered Dec 13 '10 at 16:47

chrislatimer

3,560
17
19

thanks for reply. i just think that if i have a url,how to change it to controller+action. maybe /auth/login is mapping to user:login – atian25 Dec 14 '10 at 02:19
Where in your application do you need to make this check? I have used Shiro and Grails quite a bit and if you end up in this situation it's probably because you're not taking full advantage the features Shiro and/or Grails has to offer. If you can post some more details I can probably help you figure out where the problem is. Post the piece of code where you want to make this test and we'll go from there... – chrislatimer Dec 14 '10 at 16:41

how to detect whether a uri is allow by shiro or extract controller name from uri

1 Answers1

Linked