source: trunk/grails-app/controllers/InventoryGroupDetailedController.groovy @ 879

Last change on this file since 879 was 628, checked in by gav, 14 years ago

Full authorisation review.
Add manager role to BaseController.
Remove inventory manager role from CostCode controller as per ticket #77.
Remove inventory manager role from InventoryGroup controller CUD actions.
Add all manager roles to Address and Contact controllers.
Add production and task manager roles to ProductionReference controller.

File size: 4.3 KB
Line 
1import org.codehaus.groovy.grails.plugins.springsecurity.Secured
2
3@Secured(['ROLE_AppAdmin', 'ROLE_Manager'])
4class InventoryGroupDetailedController extends BaseController {
5
6    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
7    def index = { redirect(action:list,params:params) }
8
9    // the delete, save and update actions only accept POST requests
10    static allowedMethods = [delete:'POST', save:'POST', update:'POST']
11
12    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
13    def list = {
14        params.max = Math.min( params.max ? params.max.toInteger() : 10,  100)
15        [ inventoryGroupInstanceList: InventoryGroup.list( params ), inventoryGroupInstanceTotal: InventoryGroup.count() ]
16    }
17
18    @Secured(['ROLE_AppAdmin', 'ROLE_Manager', 'ROLE_InventoryManager', 'ROLE_InventoryUser'])
19    def show = {
20
21        // In the case of an actionSubmit button, rewrite action name from 'index'.
22        if(params._action_Show)
23            params.action='show'
24
25        def inventoryGroupInstance = InventoryGroup.get( params.id )
26
27        if(!inventoryGroupInstance) {
28            flash.message = "InventoryGroup not found with id ${params.id}"
29            redirect(action:list)
30        }
31        else { return [ inventoryGroupInstance : inventoryGroupInstance ] }
32    }
33
34    def delete = {
35        def inventoryGroupInstance = InventoryGroup.get( params.id )
36        if(inventoryGroupInstance) {
37            try {
38                inventoryGroupInstance.delete(flush:true)
39                flash.message = "InventoryGroup ${params.id} deleted"
40                redirect(action:list)
41            }
42            catch(org.springframework.dao.DataIntegrityViolationException e) {
43                flash.message = "InventoryGroup ${params.id} could not be deleted"
44                redirect(action:show,id:params.id)
45            }
46        }
47        else {
48            flash.message = "InventoryGroup not found with id ${params.id}"
49            redirect(action:list)
50        }
51    }
52
53    def edit = {
54
55        // In the case of an actionSubmit button, rewrite action name from 'index'.
56        if(params._action_Edit)
57            params.action='edit'
58
59        def inventoryGroupInstance = InventoryGroup.get( params.id )
60
61        if(!inventoryGroupInstance) {
62            flash.message = "InventoryGroup not found with id ${params.id}"
63            redirect(action:list)
64        }
65        else {
66            return [ inventoryGroupInstance : inventoryGroupInstance ]
67        }
68    }
69
70    def update = {
71        def inventoryGroupInstance = InventoryGroup.get( params.id )
72        if(inventoryGroupInstance) {
73            if(params.version) {
74                def version = params.version.toLong()
75                if(inventoryGroupInstance.version > version) {
76                   
77                    inventoryGroupInstance.errors.rejectValue("version", "default.optimistic.locking.failure")
78                    render(view:'edit',model:[inventoryGroupInstance:inventoryGroupInstance])
79                    return
80                }
81            }
82            inventoryGroupInstance.properties = params
83            if(!inventoryGroupInstance.hasErrors() && inventoryGroupInstance.save(flush: true)) {
84                flash.message = "InventoryGroup ${params.id} updated"
85                redirect(action:show,id:inventoryGroupInstance.id)
86            }
87            else {
88                render(view:'edit',model:[inventoryGroupInstance:inventoryGroupInstance])
89            }
90        }
91        else {
92            flash.message = "InventoryGroup not found with id ${params.id}"
93            redirect(action:list)
94        }
95    }
96
97    def create = {
98        def inventoryGroupInstance = new InventoryGroup()
99        inventoryGroupInstance.properties = params
100        return ['inventoryGroupInstance':inventoryGroupInstance]
101    }
102
103    def save = {
104        def inventoryGroupInstance = new InventoryGroup(params)
105        if(!inventoryGroupInstance.hasErrors() && inventoryGroupInstance.save(flush: true)) {
106            flash.message = "InventoryGroup ${inventoryGroupInstance.id} created"
107            redirect(action:show,id:inventoryGroupInstance.id)
108        }
109        else {
110            render(view:'create',model:[inventoryGroupInstance:inventoryGroupInstance])
111        }
112    }
113}
Note: See TracBrowser for help on using the repository browser.