I’m still working on my first Grails application. This time, my problem is to limit access to some actions for particular users.
Assume users add some object, e.g. books. I would like to give access to edit a book only to the admin and the user that added the book. I’m currently using the Acegi plugin. I know there is a newer version of that plugin, but I’m not sure if it changes anything for my problem.
The second thing is somewhat similar. I have a sidebar and there is “Hello ${currentUser.username}”. currentUser is a method that returns an instance of the currently logged-in user. But the problem is that I don’t have any idea where I can put this message to be able to use it everywhere. Should I put it in some service and include it everywhere? I tried to create an ApplicationController that is extended by all other controllers, but that doesn’t seem to work. Have you got any ideas?
Thanks!
Grzegorz
You should use the newer Spring Security Core plugin since it has an ACL add-on plugin that does exactly what you’re looking for. See http://grails.org/plugin/spring-security-acl for details.
For the second question, there’s a taglib for that. In the Acegi plugin use this:
Hello <g:loggedInUserInfo field="username"/>
(see http://www.grails.org/AcegiSecurity+Plugin+-+Artifacts) and in the Spring Security Core plugin use this:
Hello <sec:username/>
(see the “Security Tags” section of http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/)
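
The owner-or-admin edit rule from the question, written against the Spring Security Core and ACL plugins recommended above. This is an added example, not part of the original answer or the plugins' own code; the `Book` domain class, its `title` and `author` fields, the `BookService` name and the `ROLE_ADMIN` authority are assumptions.

```groovy
// Hypothetical service for a Grails app with spring-security-core and
// spring-security-acl installed. Book, its fields and ROLE_ADMIN are assumed names.
import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.security.acls.domain.BasePermission
import org.springframework.transaction.annotation.Transactional

class BookService {

    def aclUtilService          // injected bean from spring-security-acl
    def springSecurityService   // injected bean from spring-security-core

    // Any logged-in user may add a book. The creator is granted WRITE on
    // that one instance, which is what later identifies them as its owner.
    @Transactional
    @PreAuthorize("isAuthenticated()")
    Book create(Map params) {
        // Bind only the expected fields instead of the whole params map
        Book book = new Book(title: params.title, author: params.author)
        book.save(failOnError: true)

        String owner = springSecurityService.authentication.name
        aclUtilService.addPermission book, owner, BasePermission.WRITE
        book
    }

    // Editing is allowed only to a holder of WRITE on this instance
    // (the user who added it) or to anyone with the admin role.
    @Transactional
    @PreAuthorize("hasPermission(#book, write) or hasRole('ROLE_ADMIN')")
    Book update(Book book, Map params) {
        book.title = params.title
        book.author = params.author
        book.save(failOnError: true)
        book
    }
}
```

The annotations are enforced when the service is called from outside, for example from a controller; a caller who fails the check gets Spring Security's `AccessDeniedException` instead of the update.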