Tuesday, August 26, 2008

Groovy Currying, applied to authorization

Working through Dierk König's Groovy in Action, I've finally gotten to closure currying. This concept was so foreign to me, but so incredibly powerful! In his example, he uses closure currying to implement a logger. I scoffed. Pah, you have log4j, why bother. But the example was so interesting, building up a logger from a configuration, consisting of a format, filter and the line to be logged; and an appender, consisting of the configuration, appender and the line.

Watching them curried together was something like watching Gordon Ramsay put together a juicy steak with rosemary, garlic, olive oil, heat and artichokes. I actually felt my mouth water!

But why? I've been looking to implement authorization down to the granularity of a per-entity basis, i.e. not just to block users of particular roles from doing an action to something, but to block users from that thing itself. Even a few weeks ago, I had an idea, but I needed one additional piece to complete it.

My Idea (written on a pocket notepad near my bedside table): For security on domain objects, consider binding Grails actions to security rules that can incorporate Groovy objects in scope, e.g. user and role domain objects, their values, etc. The rules could be predefined rules or written in Groovy script.

In essence, the rules could be closures that get the application context passed to them!
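A sketch of that idea, added here as an illustration and not taken from the original post or from Groovy in Action. The rule names, the action keys and the `authorizerFor` helper are all hypothetical, and plain maps stand in for the Grails application context and domain objects.

```groovy
// Added illustration: every name below is hypothetical, and the maps are
// constructed sample data standing in for Grails domain objects.

// A rule is a closure over (context, user, entity) that returns true to allow.
def ownerOrAdmin = { Map ctx, Map user, Map entity ->
    ctx.adminRole in user.roles || entity.ownerId == user.id
}
def sameDepartment = { Map ctx, Map user, Map entity ->
    entity.department == user.department
}

// Bind actions to rules. An action with no rule bound is denied (default deny).
def rules = [
    'document.show'  : sameDepartment,
    'document.update': ownerOrAdmin,
    'document.delete': ownerOrAdmin,
]

// Stand-in for the application context.
def ctx = [adminRole: 'ROLE_ADMIN']

// Curry step 1: fix the context once, at startup.
def bound = rules.collectEntries { action, rule -> [(action): rule.curry(ctx)] }

// Curry step 2: fix the user once per request. What remains is a check that
// only needs the action and the entity being touched.
def authorizerFor = { Map user ->
    return { String action, Map entity ->
        def rule = bound[action]
        return rule != null && rule.curry(user).call(entity)
    }
}

def alice = [id: 1, roles: ['ROLE_USER'],  department: 'eng']
def admin = [id: 9, roles: ['ROLE_ADMIN'], department: 'ops']
def doc   = [id: 42, ownerId: 2, department: 'eng']

def aliceCan = authorizerFor(alice)
def adminCan = authorizerFor(admin)

assert aliceCan('document.show', doc)      // same department as the entity
assert !aliceCan('document.update', doc)   // neither owner nor admin
assert adminCan('document.delete', doc)    // admin role allows it
assert !adminCan('document.show', doc)     // role alone does not open this entity
assert !aliceCan('document.export', doc)   // no rule bound, so denied
```

The last two assertions show the per-entity point: the decision depends on the entity itself and not only on the user's role, and an action nobody wrote a rule for fails closed.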