I am using the spring core security plugin and try to invoke the <sec:ifAnyGranted /> tag directly from EL like so:
sec.ifAnyGranted(roles: 'ROLE1, ROLE2, ...')
This however does not work as nothing is returned from the method. However if i try to use the tag in the following way it does work:
<sec:ifAnyGranted roles="ROLE1, ROLE2, ...">
The reason i can't use the second is because i need to combine two criteria in order to restrict access to a particular element in a page, one of which being the user's participation in a particular list of roles. In order to achieve this i am using the <sec:access /> tag in the following way:
<sec:access expression="${sec.ifAnyGranted(roles:'ROLE1,ROLE2,...') || (expression 2)">
...
</sec:access>
Sadly, this does not work for me. Could anyone help out?
you may use SpringSecurityUtils.ifAnyGranted(roles) directly from your view.
Alternatively, you may pass body to sec.ifAnyGranted(roles:'comma separated string','string for body')
EXAMPLE
<g:if test="${sec.ifAnyGranted(roles: 'ROLE_USER_BUSINESS', 'null')}">
BUSINESS
</g:if>
<g:else>
SOMETHING TLESE
</g:else>