Checking if specific user has a role

Question

is there some pretty way to check if some specific user (not the one that is logged in) has some specific role?

Here is grails example (generally the same for plain Java but syntax):

def user = User.get(1) //Get user with id 1
if (ifAnyGranted(user,"ROLE_ADMIN")) { //This is the line I need to implement somehow
...
}

Thanks in advance.

it's a bit unclear what you are asking. you are looking for something "prettier" than above code? Does the snippet you provide work for you? — Jean Barmash, Dec 02 '09 at 18:43
That line was an example to show precisely what I need. There is no function ifAnyGranted(user,roles). — bezmax, Dec 03 '09 at 13:55

score 9 · Accepted Answer · edited May 23 '17 at 11:54

9

I assume, your User domain class holds a hasMany refernece to your Role class like this:

class User  {
    static hasMany = [authorities: Role]
    //....
}
class Role  {
    static belongsTo = User
    String description
    String authority
    //....
}

So your code for role-checking is simple:

User user = User.get(1)
if (user.authorities.any { it.authority == "ROLE_ADMIN" }) {
    // user is a admin
}

An updated answer can be found here.

edited May 23 '17 at 11:54

Community

1
1

answered Dec 02 '09 at 16:28

Stefan Armbruster

39,465
6
87
97

1

To use this technique to check the current logged in user: def authenticateService def pricipalInfo = authenticateService.principal() def user = User.findByUsername(pricipalInfo.username) if (user.authorities.any { it.authority == "ROLE_ADMIN" }) { // user is a admin } – Brad Rhoads Dec 16 '09 at 00:08

score 4 · Answer 2 · answered Oct 30 '15 at 03:16

4

if (grails.plugin.springsecurity.SpringSecurityUtils.ifAllGranted("ROLE_ADMIN"))
{
   ...
}

answered Oct 30 '15 at 03:16

Pablo Pazos

3,080
29
42

score 3 · Answer 3 · answered Dec 16 '09 at 00:01

3

If you're using the Spring Security Plugin and want to check the current logged in user:

import org.codehaus.groovy.grails.plugins.springsecurity.AuthorizeTools

. . .

if (AuthorizeTools.ifAllGranted("ROLE_ADMIN")){
               //user is an admin
}

answered Dec 16 '09 at 00:01

Brad Rhoads

1,828
3
29
52

Just noticed the question was specifically not about the logged in user. Hope this is useful anyway. – Brad Rhoads Dec 16 '09 at 00:16
1

I realize this is an old answer, but it appears that AuthorizeTools has been replaced by SpringSecurityTools – David May 04 '16 at 00:33

Ibrahim.H · Answer 4 · 2017-08-03T10:31:10.290

0

I case you want to check the current logged in user, you don't need to query User domain, since you've already injected springSecurityService, so you could've just write:

def springSecurityService

def someAction(){
    if (principal.authorities.any { it.authority == 'ROLE_ADMIN'}){
        //...
    } else {
        //...
    }
}

edited Aug 03 '17 at 10:31

answered Jul 30 '17 at 18:01

Ibrahim.H

1,062
1
13
22

Isn't this the same as Stefan's answer? – bezmax Aug 01 '17 at 12:49
@bezmax almost, look closely, calling User.get(1) is not necessary, tested with Grails 2.4.4. – Ibrahim.H Aug 02 '17 at 22:09
Well, part of the question was `if some specific user (not the one that is logged in)`. – bezmax Aug 03 '17 at 09:22
@bezmax, Well, what I mean, in case someone want to get the current user, i'll edit the answer. – Ibrahim.H Aug 03 '17 at 10:24

Checking if specific user has a role

4 Answers4