
Vishesh Duggar

CTO Software @vamstar. 15 years in tech. Entrepreneurial with a keen interest in product development and usability. Interested in working on high impact ideas.


I recently wrote about the benefits of using spring-security-core; the other plugins that extend its capability are what make it truly valuable. One such use case is managing user permissions.

Spring Security ACL makes it much easier to implement object-level permissions and maintain access control lists in your Grails app.

Flat domain structure

It has a very flat domain structure making it an ideal starting place for both SQL and NoSQL databases.

Bulletproof your business logic with DRY access control

There are some neat annotations available that will do the pre and post access checks on your service methods:

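```groovy
import org.springframework.security.access.prepost.PostFilter
import org.springframework.security.access.prepost.PreAuthorize

// Checked before the method body runs: the caller must hold ROLE_USER
@PreAuthorize("hasRole('ROLE_USER')")
// Applied to the returned list: keep only items the caller can read or administer
@PostFilter("hasPermission(filterObject, read) or " +
			"hasPermission(filterObject, admin)")
List getAllReports(params = [:]) {
	Report.list(params)
}
```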

The service method above has two checks: the first checks that the user has the specified role, and the second filters out of the returned list any items the user does not have access to. This becomes very handy when you have a query that produces limited results and you don't want to rely on joins, or you are on a NoSQL-based system. (I have not tested this on NoSQL yet.)

Generic permissions that are easily extensible

It provides the basic READ, WRITE, CREATE, DELETE and ADMINISTRATION permissions by default, but can easily be extended with custom permissions.

Utility classes and integration with Spring Security Core

This plugin also has a couple of utility classes that make managing permissions much easier, such as AclUtilService and AclService.

The biggest advantage by far is its integration with the rest of the spring security ecosystem.

Close to 15 years in tech; I've served as a CTO and advisor to multiple organizations. Brought close to 20 products to market. As a founding member of multiple organizations I've done everything from tech to strategy, sales, marketing, hiring, accounting and more. Experience in a variety of technologies including but not limited to AWS, Node, React, Serverless, ElasticSearch, Groovy, Java, Typescript, Angular, Grails, PHP, Drupal, Wordpress.

Always interested in looking at new tech, strategy and ways I can add value to organizations.

[Contact me.](https://www.linkedin.com/in/experienced-cto/)