Grails过滤`actionExclude`是否可以使用基于方法的路由? [英] Does Grails Filter `actionExclude` work with method-based routing?
问题描述
name base:/{
controller = api
action = [GET:welcome,POST:post]
}
我想应用一个过滤器来处理授权,例如
class RequestFilters {
def filters = {
authorizeRequest(controller:'api',actionExclude:'welcome'){
before = {
log.debug(Applying authorization filter。)
}
}
}
}
但是,实践中,过滤器在所有请求上运行(甚至是GET请求,它们应该使用 welcome 方法,因此不应触发此过滤器。)
当我检查运行在过滤器中的代码时,我发现从我的路由文件中将 params.action 设置为Map,而不是欢迎。不知道这是否与问题有关。
我当前的解决方法(感觉非常错误)是将以下内容添加到我的过滤器的
: if(params.action [request.method] =='welcome'){
return true
简短的问题是:Grails是否支持基于方法的路由+动作 - 基于名称的过滤?如果是这样,怎么样?如果没有,那么重构这个逻辑有什么合理的选择?
谢谢!
class RequestFilters {
def filters = {
authorizeRequest(controller:'api',action:'*',actionExclude:'welcome'){
before = {
log.debug(Applying authorization filter。)
返回true
}
}
}
}
将过滤器应用于控制器但welcome的全部动作。 :)
如果在其他控制器中没有其他 welcome 操作,则不需要指定控制器在过滤器中。
authorizeRequest(action:'*',actionExclude:'welcome'){...}
I have a method-based route like:
name base: "/" {
controller="api"
action=[GET: "welcome", POST: "post"]
}
And I'd like to apply a filter to handle authorization, e.g.
class RequestFilters {
def filters = {
authorizeRequest(controller: 'api', actionExclude: 'welcome') {
before = {
log.debug("Applying authorization filter.")
}
}
}
}
But when I apply this in practice, the filter runs on all requests (even GET requests, which should use the welcome method and thus should not trigger this filter.)
When I inspect the code running the in the filter, I see that params.action is set to the Map from my routing file, rather than to "welcome". Not sure if this is related to the issue.
My current workaround (which feels very wrong) is to add the following to my filter's body:
if(params.action[request.method] == 'welcome'){
return true
}
The short question is: does Grails support this combination of method-based routing + action-name-based filtering? If so, how? If not, what are some reasonable alternatives for restructuring this logic?
Thanks!
You need to use the filter as below:
class RequestFilters {
def filters = {
authorizeRequest(controller:'api', action:'*', actionExclude:'welcome'){
before = {
log.debug("Applying authorization filter.")
return true
}
}
}
}
Apply the filter to all actions of the controller but "welcome". :)
If there is no other welcome action in the other controllers then, you would not need the controller specified in the filter as well.
authorizeRequest(action:'*', actionExclude:'welcome'){...}
这篇关于Grails过滤`actionExclude`是否可以使用基于方法的路由?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
