diff --git a/plugin/grails-app/controllers/grails/plugin/springsecurity/ui/UserController.groovy b/plugin/grails-app/controllers/grails/plugin/springsecurity/ui/UserController.groovy index fc3a3526..033aadf5 100644 --- a/plugin/grails-app/controllers/grails/plugin/springsecurity/ui/UserController.groovy +++ b/plugin/grails-app/controllers/grails/plugin/springsecurity/ui/UserController.groovy @@ -77,19 +77,26 @@ class UserController extends AbstractS2UiDomainController { protected Map buildUserModel(user) { Set userRoleNames = user[authoritiesPropertyName].collect { it[authorityNameField] } - def granted = [:] - def notGranted = [:] + Map roleMap = buildRoleMap(userRoleNames) + + [roleMap: roleMap, tabData: tabData, user: user] + } + + protected Map buildRoleMap(Set userRoleNames) { + if (!userRoleNames) { + return [:] + } + Map granted = [:] + Map notGranted = [:] for (role in sortedRoles()) { String authority = role[authorityNameField] if (userRoleNames.contains(authority)) { granted[(role)] = userRoleNames.contains(authority) - } - else { + } else { notGranted[(role)] = userRoleNames.contains(authority) } } - - [roleMap: granted + notGranted, tabData: tabData, user: user] + return granted + notGranted } protected List sortedRoles() { diff --git a/plugin/src/test/groovy/grails/plugin/springsecurity/ui/UserControllerSpec.groovy b/plugin/src/test/groovy/grails/plugin/springsecurity/ui/UserControllerSpec.groovy new file mode 100644 index 00000000..4cb84fbd --- /dev/null +++ b/plugin/src/test/groovy/grails/plugin/springsecurity/ui/UserControllerSpec.groovy @@ -0,0 +1,38 @@ +package grails.plugin.springsecurity.ui + +import grails.testing.web.controllers.ControllerUnitTest +import spock.lang.Specification +import spock.lang.Unroll + +@Unroll +class UserControllerSpec extends Specification implements ControllerUnitTest { + static final Map ADMIN_ROLE = [authority: "ROLE_ADMIN"] + static final Map SUPER_ADMIN_ROLE = [authority: "ROLE_SUPER_ADMIN"] + static final Map USER_ROLE = [authority: "ROLE_USER"] + + void "verify proper construction of roleMap for user with roles #rolesAssignedToUser"() { + given: "the authority name field has been set to the default name of 'authority'" + controller.authorityNameField = "authority" + + and: "we mock the returning of all Role instances within the database" + controller.metaClass.sortedRoles = { + [ + ADMIN_ROLE, + SUPER_ADMIN_ROLE, + USER_ROLE + ] + } + + when: "we call buildRoleMap with the role names associated to the user" + Map results = controller.buildRoleMap(rolesAssignedToUser) + + then: "the user is only granted access to roles with which they are associated" + results == expectedResults + + where: + rolesAssignedToUser | expectedResults + [ADMIN_ROLE.authority, USER_ROLE.authority] as Set | [(ADMIN_ROLE): true, (SUPER_ADMIN_ROLE): false, (USER_ROLE): true] + [] as Set | [:] + null | [:] + } +}