How to get current user role with spring security plugin?
Solution 1
You can inject springSecurityService
into your controller:
def springSecurityService
and then in your action, call:
def roles = springSecurityService.getPrincipal().getAuthorities()
See the docs here.
Solution 2
From a controller you can use two methods the plugin adds to the metaclass, getPrincipal
and isLoggedIn
:
def myAction = {
if (loggedIn) {
// will be a List of String
def roleNames = principal.authorities*.authority
}
}
If the action is secured you can skip the loggedIn
/isLoggedIn()
check.
Solution 3
If you simply need to check to see if a user is in a specific role then use SpringSecurityUtils.ifAllGranted
which takes a single String as an argument which contains a comma-delimited list of roles. It will return true if the current user belongs to all of them. SpringSecurityUtils
also has methods like ifAnyGranted
, ifNotGranted
, etc, so it should work for whatever it is you are trying to accomplish.
laxmi
Updated on August 17, 2020Comments
-
laxmi over 3 years
I am using the spring-security-core plugin in my grails app. I need to know the current user's role in a controller action. How can I retrieve that?