kinlane
5/5/2015 - 4:00 PM

Why The API Pattern is Broken and How We Can Fix It - Code Sample - Controller Code 1

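@Secured(['ROLE_ADMIN', 'ROLE_USER'])
def show(){
	// data checks required
	// role checks required

	if(params.id){
		// getAuthorities() returns GrantedAuthority objects, so compare on their role names
		List authorities = springSecurityService.getPrincipal().getAuthorities()*.authority
		Widget widget
		if(authorities.contains('ROLE_ADMIN')){
			// admins load the widget directly by id
			widget = Widget.get(params.id.toLong())
		}else if(authorities.contains('ROLE_USER')){
			// regular users are looked up by the username request parameter
			widget = Widget.getByUsername(params.username)
		}
		// …
	}else{
		return null
	}
}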