in plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/web/access/intercept/AnnotationFilterInvocationDefinition.groovy [401:440]
private void findAnnotations(Map<String, List<InterceptedUrl>> actionRoles, List<InterceptedUrl> classRoles,
Map<String, List<InterceptedUrl>> actionClosures, List<InterceptedUrl> classClosures,
Class<?> clazz, String controllerUri, boolean forController = true) {
Annotation annotation = clazz.getAnnotation(SpringSecured)
if (!annotation) {
annotation = clazz.getAnnotation(PluginSecured)
if (annotation) {
Class<?> closureClass = findClosureClass((PluginSecured)annotation)
if (closureClass) {
log.trace 'found class-scope annotation with a closure in {}', clazz.name
classClosures << new InterceptedUrl(controllerUri, closureClass, getHttpMethod(annotation))
}
else {
Collection<String> values = getValue(annotation)
log.trace 'found class-scope annotation in {} with value(s) {}', clazz.name, values
classRoles << new InterceptedUrl(controllerUri, values, getHttpMethod(annotation))
}
}
}
else {
Collection<String> values = getValue(annotation)
log.trace 'found class-scope annotation in {} with value(s) {}', clazz.name, values
classRoles << new InterceptedUrl(controllerUri, values, null)
}
if (!forController) {
return
}
List<InterceptedUrl> actionData = findActionRoles(clazz)
if (actionData) {
actionRoles[controllerUri] = actionData
}
List<InterceptedUrl> closureAnnotatedData = findActionClosures(clazz)
if (closureAnnotatedData) {
actionClosures[controllerUri] = closureAnnotatedData
}
}