• Home
• com.disney.groovity
• groovity-portal
• 2.0.0-rc.20
• source code
• adminPolicy.grvt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

groovity.portal.lib.adminPolicy.grvt Maven / Gradle / Ivy

/*******************************************************************************
 * © 2018 Disney | ABC Television Group
 *
 * Licensed under the Apache License, Version 2.0 (the "Apache License")
 * with the following modification; you may not use this file except in
 * compliance with the Apache License and the following modification to it:
 * Section 6. Trademarks. is deleted and replaced with:
 *
 * 6. Trademarks. This License does not grant permission to use the trade
 *     names, trademarks, service marks, or product names of the Licensor
 *     and its affiliates, except as required to comply with Section 4(c) of
 *     the License and to reproduce the content of the NOTICE file.
 *
 * You may obtain a copy of the Apache License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Apache License with the above modification is
 * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the Apache License for the specific
 * language governing permissions and limitations under the Apache License.
 *******************************************************************************/
/**
 * Custom auth policy to gate access to logged in users with root level "admin" role
 */
static web=[
	auth:{
		request ->
		def rval = [authenticated:false,authorized:false]
		if(request.userPrincipal){
			rval.authenticated = true;
			def uri = request.URI
			def qi = uri.indexOf('?')
			if(qi>0){
				uri = uri.substring(0,qi)
			}
			if(request.userPrincipal.hasRole(request.session, uri, ['admin'])){
				rval.authorized = true
			}
		}
		rval
	},
	cors:[
		origins:(System.getProperty('groovity.cluster.corsOrigin') ?: '*'),
		headers:["Signature","X-Date"],
		maxAge:300	
	]
]

//we'll install this custom policy so portal admins can access cluster admin tools
static init(){
	System.setProperty('groovity.servlet.admin.ui.policy','/groovity/portal/lib/adminPolicy');
}