(Quick Reference)

userIsAllowed(object, action)

Available in Controllers, Domains, Taglibs and Services

This method returns true if the current user is permitted to perform the specified action on the object.

The implementation of this method is provided by the security provider you have installed.

If a provide does not implement ACLs this will return true.


{docx} class PurchaseService { void updatePurchase(Purchase p) { if (userIsAllowed(p, 'edit')) { … } } … } {docx}


objectThe object on which the user is about to perform an action
actionThe action you wish to perform