deleting plugins views (gsp) when building the war
https://stackoverflow.com/questions/10168179
-
31-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianВопрос
We are using various plugins in our grails application (like logging, spring security core, ui, acl and many others). Now these plugins come with default gsps (in the views folder of each plugin).
I want to build a WAR without including the views of any plugin. So when the war is built right now it creates the plugins folder which contains views folder which come by default with the plugin, these views are introducing a lot of vulnerabilities and so I want to exclude the plugins views.
I am trying this right now in BuildConfig.groovy like below:
grails.project.dependency.resolution = {
grails.war.resources = { stagingDir ->
println "Customized delete started..."
delete{fileset dir: "${stagingDir}/WEB-INF/plugins/logging-0.1/grails-app/views/"}
delete{fileset dir: "${stagingDir}/WEB-INF/plugins/spring-security-ui-0.1.2/grails-app/views/"}
}
}
But the problem is the code tries to delete the views when they are not yet created by the war building process. Hence I get a file not found error for those plugins views.
Where should I write the code to delete the plugins views so that they are already created and available to delete when building the WAR, or how do I not include the plugins views in the WAR?
Thanks in advance.. Priyank
Решение
I answered this question on the Grails mailing list. http://grails.1312388.n4.nabble.com/deleting-plugins-views-gsp-when-building-the-war-td4560517.html (The answer hasn't yet shown up in nabble)
You can remove/add files from/to a war file in the eventCreateWarStart event specified in scripts/_Events.groovy file.
This might work:
filename: scripts/_Events.groovy
eventCreateWarStart = { warName, stagingDir ->
Ant.delete(dir: "${stagingDir}/WEB-INF/plugins/logging-0.1/grails-app/views")
Ant.delete(dir: "${stagingDir}/WEB-INF/classes", includes:"gsp_logging*.*")
Ant.delete(dir: "${stagingDir}/WEB-INF/plugins/spring-security-ui-0.1.2/grails-app/views")
Ant.delete(dir: "${stagingDir}/WEB-INF/classes", includes:"gsp_springSecurityUi*.*")
}
I'm not sure if you could also remove plugin Controller classes without problems. We've used Filter classes to "disable" controllers provided by plugins.
As a side-note you can disable "development-only" plugins in the production environment by using the yet undocumented "grails.plugins.excludes" feature:
Example: in Config.groovy:
import grails.util.Environment
if(Environment.current == Environment.PRODUCTION) {
grails.plugin.excludes = ['somePluginName']
}
