For usr_has_perm* functions: super_user has all permissions

everywhere (even permissions that don't exist).

git-svn-id: svn://svn.open-ils.org/ILS/trunk@12536 dcc99617-32d9-48b4-a31d-7c20da2025e4

diff --git a/Open-ILS/src/sql/Pg/006.schema.permissions.sql b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
index 7037d3e..424bb1d 100644 (file)
--- a/Open-ILS/src/sql/Pg/006.schema.permissions.sql
+++ b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
@@ -314,6 +314,7 @@ RETURNS SETOF INTEGER AS $$
 -- by a DISTINCT clause.
 --
 DECLARE
+       b_super       BOOLEAN;
        n_perm        INTEGER;
        n_min_depth   INTEGER; 
        n_work_ou     INTEGER;
@@ -322,6 +323,34 @@ DECLARE
        n_curr_depth  INTEGER;
 BEGIN
        --
+       -- Check for superuser
+       --
+       SELECT INTO b_super
+               super_user
+       FROM
+               actor.usr
+       WHERE
+               id = user_id;
+       --
+       IF NOT FOUND THEN
+               return;                         -- No user?  No permissions.
+       ELSIF b_super THEN
+               --
+               -- Super user has all permissions everywhere
+               --
+               FOR n_work_ou IN
+                       SELECT
+                               id
+                       FROM
+                               actor.org_unit
+                       WHERE
+                               parent_ou IS NULL
+               LOOP
+                       RETURN NEXT n_work_ou; 
+               END LOOP;
+               RETURN;
+       END IF;
+       --
        -- Translate the permission name
        -- to a numeric permission id
        --