Shanu: Added spring security plugin. Added the create script

.gitignore

@@ -0,0 +1,38 @@
+*.iml
+.idea/
+*.ipr
+*.iws
+*.log
+*.jasper
+.idea/
+log/
+out/
+war/
+bin/
+target/
+coverage/
+test/
+/application.properties
+src/groovy/Sledgehammer-config.properties
+/coverage.*
+test/reports/
+web-app/gwt
+web-app/WEB-INF/classes
+Thumbs.db
+/stacktrace.log
+lib/gwt/ids-gwt-widgets.jar
+lib/gwt/lightsaber.jar
+*.ser
+/dbdeploy/
+/lib/gwt/lightsaber.jar
+web-app/css/main.css
+web-app/images/grails_logo.jpg
+web-app/images/skin/
+web-app/images/spinner.gif
+.DS_Store
+extras/
+lib/gwt/gwt-graphics.jar
+lib/gwt/ids-gwt-graph.jar
+id_file
+demodb
+demo-config/bak

DB/001_BaseLine.sql

@@ -0,0 +1,7 @@
+drop schema if exists public cascade;
+create table role (id int8 not null, version int8 not null, authority varchar(255) not null unique, primary key (id));
+create table user (id int8 not null, version int8 not null, account_expired bool not null, account_locked bool not null, enabled bool not null, "password" varchar(255) not null, password_expired bool not null, username varchar(255) not null unique, primary key (id));
+create table user_role (role_id int8 not null, user_id int8 not null, primary key (role_id, user_id));
+alter table user_role add constraint FK143BF46A5D1CA167 foreign key (role_id) references role;
+alter table user_role add constraint FK143BF46A2476547 foreign key (user_id) references user;
+create sequence hibernate_sequence;

application.properties

@@ -1,8 +1,9 @@
 #Grails Metadata file
-#Fri Dec 03 16:52:54 IST 2010
+#Fri Dec 03 23:09:40 IST 2010
 app.grails.version=1.3.4
 app.name=MGifts
 app.servlet.version=2.4
 app.version=0.1
 plugins.hibernate=1.3.4
+plugins.spring-security-core=1.0.1
 plugins.tomcat=1.3.4

grails-app/conf/BootStrap.groovy

@@ -1,7 +1,8 @@
 class BootStrap {
+  def springSecurityService
+  def init = { servletContext ->
 
-    def init = { servletContext ->
-    }
-    def destroy = {
-    }
+  }
+  def destroy = {
+  }
 }

grails-app/conf/BuildConfig.groovy

@@ -25,7 +25,7 @@ grails.project.dependency.resolution = {
     }
     dependencies {
         // specify dependencies here under either 'build', 'compile', 'runtime', 'test' or 'provided' scopes eg.
-
-        // runtime 'mysql:mysql-connector-java:5.1.5'
+        /*test "postgresql:postgresql:8.3-603.jdbc3"
+        runtime "postgresql:postgresql:8.3-603.jdbc3*/
     }
 }

grails-app/conf/Config.groovy

@@ -81,3 +81,9 @@ log4j = {
 
     warn   'org.mortbay.log'
 }
+
+
+// Added by the Spring Security Core plugin:
+grails.plugins.springsecurity.userLookup.userDomainClassName = 'com.malabar.gift.AppUser'
+grails.plugins.springsecurity.userLookup.authorityJoinClassName = 'com.malabar.gift.AppUserRole'
+grails.plugins.springsecurity.authority.className = 'com.malabar.gift.Role'

grails-app/conf/DataSource.groovy

@@ -13,20 +13,26 @@ hibernate {
 environments {
     development {
         dataSource {
-            dbCreate = "create-drop" // one of 'create', 'create-drop','update'
-            url = "jdbc:hsqldb:mem:devDB"
+            dbCreate = "update"
+            url = "jdbc:postgresql://localhost:5432/GIFTDB"
+            username = "app_user"
+            password = "password"
         }
     }
     test {
         dataSource {
             dbCreate = "update"
-            url = "jdbc:hsqldb:mem:testDb"
+            url = "jdbc:postgresql://localhost:5432/GIFTDB"
+            username = "app_user"
+            password = "password"
         }
     }
     production {
         dataSource {
             dbCreate = "update"
-            url = "jdbc:hsqldb:file:prodDb;shutdown=true"
+            url = "jdbc:postgresql://localhost:5432/GIFTDB"
+            username = "app_user"
+            password = "password"
         }
     }
 }

grails-app/conf/UrlMappings.groovy

@@ -7,7 +7,7 @@ class UrlMappings {
 			}
 		}
 
-		"/"(view:"/index")
+		"/"(controller:"/login")
 		"500"(view:'/error')
 	}
 }

grails-app/controllers/AdminController.groovy

@@ -0,0 +1,7 @@
+
+class AdminController{
+  def index = {
+    println "Again coming here..."
+    render view:'dashboard'
+  }
+}

grails-app/controllers/LoginController.groovy

@@ -0,0 +1,124 @@
+import grails.converters.JSON
+
+import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
+
+import org.springframework.security.authentication.AccountExpiredException
+import org.springframework.security.authentication.CredentialsExpiredException
+import org.springframework.security.authentication.DisabledException
+import org.springframework.security.authentication.LockedException
+import org.springframework.security.core.context.SecurityContextHolder as SCH
+import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
+
+class LoginController {
+
+	/**
+	 * Dependency injection for the authenticationTrustResolver.
+	 */
+	def authenticationTrustResolver
+
+	/**
+	 * Dependency injection for the springSecurityService.
+	 */
+	def springSecurityService
+
+	/**
+	 * Default action; redirects to 'defaultTargetUrl' if logged in, /login/auth otherwise.
+	 */
+	def index = {
+		if (springSecurityService.isLoggedIn()) {
+			redirect controller: 'admin', action:'index' 
+		}
+		else {
+			redirect action: auth, params: params
+		}
+	}
+
+	/**
+	 * Show the login page.
+	 */
+	def auth = {
+
+		def config = SpringSecurityUtils.securityConfig
+
+		if (springSecurityService.isLoggedIn()) {
+			redirect uri: config.successHandler.defaultTargetUrl
+			return
+		}
+
+		String view = 'auth'
+		String postUrl = "${request.contextPath}${config.apf.filterProcessesUrl}"
+		render view: view, model: [postUrl: postUrl,
+		                           rememberMeParameter: config.rememberMe.parameter]
+	}
+
+	/**
+	 * Show denied page.
+	 */
+	def denied = {
+		if (springSecurityService.isLoggedIn() &&
+				authenticationTrustResolver.isRememberMe(SCH.context?.authentication)) {
+			// have cookie but the page is guarded with IS_AUTHENTICATED_FULLY
+			redirect action: full, params: params
+		}
+	}
+
+	/**
+	 * Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.
+	 */
+	def full = {
+		def config = SpringSecurityUtils.securityConfig
+		render view: 'auth', params: params,
+			model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.context?.authentication),
+			        postUrl: "${request.contextPath}${config.apf.filterProcessesUrl}"]
+	}
+
+	/**
+	 * Callback after a failed login. Redirects to the auth page with a warning message.
+	 */
+	def authfail = {
+
+		def username = session[UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
+		String msg = ''
+		def exception = session[AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY]
+		if (exception) {
+			if (exception instanceof AccountExpiredException) {
+				msg = SpringSecurityUtils.securityConfig.errors.login.expired
+			}
+			else if (exception instanceof CredentialsExpiredException) {
+				msg = SpringSecurityUtils.securityConfig.errors.login.passwordExpired
+			}
+			else if (exception instanceof DisabledException) {
+				msg = SpringSecurityUtils.securityConfig.errors.login.disabled
+			}
+			else if (exception instanceof LockedException) {
+				msg = SpringSecurityUtils.securityConfig.errors.login.locked
+			}
+			else {
+				msg = SpringSecurityUtils.securityConfig.errors.login.fail
+			}
+		}
+
+		if (springSecurityService.isAjax(request)) {
+			render([error: msg] as JSON)
+		}
+		else {
+			flash.message = msg
+			redirect action: auth, params: params
+		}
+	}
+
+	/**
+	 * The Ajax success redirect url.
+	 */
+	def ajaxSuccess = {
+		render([success: true, username: springSecurityService.authentication.name] as JSON)
+	}
+
+	/**
+	 * The Ajax denied redirect url.
+	 */
+	def ajaxDenied = {
+		render([error: 'access denied'] as JSON)
+	}
+}

grails-app/controllers/LogoutController.groovy

@@ -0,0 +1,12 @@
+import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
+
+class LogoutController {
+
+	/**
+	 * Index action. Redirects to the Spring security logout uri.
+	 */
+	def index = {
+		// TODO  put any pre-logout code here
+		redirect uri: SpringSecurityUtils.securityConfig.logout.filterProcessesUrl // '/j_spring_security_logout'
+	}
+}

grails-app/domain/com/malabar/gift/AppUser.groovy

@@ -0,0 +1,24 @@
+package com.malabar.gift
+
+class AppUser {
+
+	String username
+	String password
+	boolean enabled
+	boolean accountExpired
+	boolean accountLocked
+	boolean passwordExpired
+
+	static constraints = {
+		username blank: false, unique: true
+		password blank: false
+	}
+
+	static mapping = {
+		password column: '`password`'
+	}
+
+	Set<Role> getAuthorities() {
+		AppUserRole.findAllByAppUser(this).collect { it.role } as Set
+	}
+}

grails-app/domain/com/malabar/gift/AppUserRole.groovy

@@ -0,0 +1,52 @@
+package com.malabar.gift
+
+import org.apache.commons.lang.builder.HashCodeBuilder
+
+class AppUserRole implements Serializable {
+
+	AppUser appUser
+	Role role
+
+	boolean equals(other) {
+		if (!(other instanceof AppUserRole)) {
+			return false
+		}
+
+		other.appUser?.id == appUser?.id &&
+			other.role?.id == role?.id
+	}
+
+	int hashCode() {
+		def builder = new HashCodeBuilder()
+		if (appUser) builder.append(appUser.id)
+		if (role) builder.append(role.id)
+		builder.toHashCode()
+	}
+
+	static AppUserRole get(long appUserId, long roleId) {
+		find 'from AppUserRole where appUser.id=:appUserId and role.id=:roleId',
+			[appUserId: appUserId, roleId: roleId]
+	}
+
+	static AppUserRole create(AppUser appUser, Role role, boolean flush = false) {
+		new AppUserRole(appUser: appUser, role: role).save(flush: flush, insert: true)
+	}
+
+	static boolean remove(AppUser appUser, Role role, boolean flush = false) {
+		AppUserRole instance = AppUserRole.findByAppUserAndRole(appUser, role)
+		instance ? instance.delete(flush: flush) : false
+	}
+
+	static void removeAll(AppUser appUser) {
+		executeUpdate 'DELETE FROM AppUserRole WHERE appUser=:appUser', [appUser: appUser]
+	}
+
+	static void removeAll(Role role) {
+		executeUpdate 'DELETE FROM AppUserRole WHERE role=:role', [role: role]
+	}
+
+	static mapping = {
+		id composite: ['role', 'appUser']
+		version false
+	}
+}

grails-app/domain/com/malabar/gift/Role.groovy

@@ -0,0 +1,14 @@
+package com.malabar.gift
+
+class Role {
+
+	String authority
+
+	static mapping = {
+		cache true
+	}
+
+	static constraints = {
+		authority blank: false, unique: true
+	}
+}

grails-app/views/admin/dashboard.gsp

@@ -0,0 +1,6 @@
+
+<%@ page contentType="text/html;charset=UTF-8" %>
+<html>
+  <head><title>Simple GSP page</title></head>
+  <body>Place your content here</body>
+</html>