Skip to content

Add YAML examples for staticRules and interceptUrlMap#1206

Open
jamesfredley wants to merge 2 commits intoapache:7.0.xfrom
jamesfredley:docs/add-yaml-examples-for-static-rules
Open

Add YAML examples for staticRules and interceptUrlMap#1206
jamesfredley wants to merge 2 commits intoapache:7.0.xfrom
jamesfredley:docs/add-yaml-examples-for-static-rules

Conversation

@jamesfredley
Copy link
Contributor

Summary

The controllerAnnotations.staticRules and interceptUrlMap documentation only shows application.groovy syntax. Grails 7 uses application.yml by default, and no YAML examples exist anywhere in the docs. This causes confusion when translating the Groovy list-of-maps syntax to YAML - a common mistake is omitting the - list indicator, which produces a Map instead of a List<Map> and triggers the error: "Static rules defined as a Map are not supported; must be specified as a List of Maps."

Changes

securedAnnotations.adoc - controllerAnnotations.staticRules section

  • Added YAML flow mapping example alongside existing Groovy example
  • Added YAML block mapping example showing expanded syntax
  • Added [IMPORTANT] admonition documenting the Map-vs-List-of-Maps pitfall with incorrect YAML example

configGroovyMap.adoc - interceptUrlMap section

  • Added YAML example for securityConfigType configuration
  • Added YAML example for interceptUrlMap definition alongside existing Groovy example
  • Added YAML example for custom mappings

Why This Matters

The code in AnnotationFilterInvocationDefinition.compileStaticRules() accepts any List<Map<String, Object>> regardless of YAML syntax - both flow mapping ({ }) and block mapping work correctly. The issue is purely a documentation gap: users don't know how to write the YAML equivalent of the Groovy syntax, and YAML indentation mistakes are easy to make without examples to follow.

Version

7.0.x

Copilot AI review requested due to automatic review settings February 17, 2026 15:57
@jamesfredley jamesfredley self-assigned this Feb 17, 2026
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds application.yml (YAML) configuration examples to Spring Security request-mapping documentation so Grails 7 users can translate existing application.groovy examples correctly and avoid common YAML structure pitfalls.

Changes:

  • Added YAML flow + block mapping examples for controllerAnnotations.staticRules, plus an IMPORTANT note about Map vs List-of-Maps mistakes.
  • Added YAML examples for securityConfigType: InterceptUrlMap and interceptUrlMap definitions (including custom mappings).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
plugin-core/docs/src/docs/requestMappings/securedAnnotations.adoc Adds YAML examples for controllerAnnotations.staticRules and documents the common YAML list indicator pitfall.
plugin-core/docs/src/docs/requestMappings/configGroovyMap.adoc Adds YAML equivalents for securityConfigType and interceptUrlMap configuration examples.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines 203 to 206
staticRules:
pattern: '/**'
access:
- permitAll
Copy link

Copilot AI Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The incorrect YAML example is shown at the root (staticRules:), but in a real application.yml this key needs to be under grails.plugin.springsecurity.controllerAnnotations. As written, readers may copy/paste the example and end up with a different (also invalid) configuration issue than the intended Map-vs-List pitfall. Consider including the full config path (or explicitly stating that the snippet is intentionally truncated to just the staticRules portion).

Suggested change
staticRules:
pattern: '/**'
access:
- permitAll
grails:
plugin:
springsecurity:
controllerAnnotations:
staticRules:
pattern: '/**'
access:
- permitAll

Copilot uses AI. Check for mistakes.
- ROLE_ADMIN
----

This example maps all URLs associated with `SomePluginController`, which has URLs of the form `/somePlugin/...`, to `ROLE_ADMIN`; annotations are not an option here because you would not edit plugin code for a change like this.
Copy link

Copilot AI Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The text says SomePluginController URLs are of the form /somePlugin/..., but all examples in this section use the lowercase pattern /someplugin/**. These should match to avoid confusing readers about case sensitivity in URL patterns.

Suggested change
This example maps all URLs associated with `SomePluginController`, which has URLs of the form `/somePlugin/...`, to `ROLE_ADMIN`; annotations are not an option here because you would not edit plugin code for a change like this.
This example maps all URLs associated with `SomePluginController`, which has URLs of the form `/someplugin/...`, to `ROLE_ADMIN`; annotations are not an option here because you would not edit plugin code for a change like this.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: No status

Development

Successfully merging this pull request may close these issues.

2 participants