From: miker Date: Tue, 11 Mar 2008 12:52:22 +0000 (+0000) Subject: all_perms flag and ou-less checking X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=8085b0a7f7499d52ab67f29ab3fe2242a8ff8b5e;p=Evergreen.git all_perms flag and ou-less checking git-svn-id: svn://svn.open-ils.org/ILS/trunk@8961 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- diff --git a/Open-ILS/src/perlmods/OpenILS/Application/PermaCrud.pm b/Open-ILS/src/perlmods/OpenILS/Application/PermaCrud.pm index 7ef4e15cc0..b9bce964d7 100644 --- a/Open-ILS/src/perlmods/OpenILS/Application/PermaCrud.pm +++ b/Open-ILS/src/perlmods/OpenILS/Application/PermaCrud.pm @@ -68,10 +68,11 @@ sub CRUD_action_object_permcheck { my ($class_node) = $xpc->findnodes( "//idl:class[\@id='$self->{class_hint}']", $idl->documentElement ); my ($action_node) = $xpc->findnodes( "perm:permacrud/perm:actions/perm:$action", $class_node ); + my $all_perms = $xpc->getAttribute( 'all_perms', $action_node ); my $perm_field_value = $aciton_node->getAttribute('permission'); - if (defined($perm_field_value)) + if (defined($perm_field_value)) { my @perms = split '|', $aciton_node->getAttribute('permission'); my @context_ous; @@ -88,34 +89,42 @@ sub CRUD_action_object_permcheck { my $context_field = $context_node->getAttribute('field'); my $link_field = $context_node->getAttribute('link'); - my ($link_node) = $xpc->findnodes( "idl:links/idl:link[\@field='$link_field']", $class_node ); - my $link_class_hint = $link_node->getAttribute('class'); - my $remote_field = $link_node->getAttribute('key'); + if ($link_field) { - my ($remote_class_node) = $xpc->findnodes( "//idl:class[\@id='$self->{class_hint}']", $idl->documentElement ); - my $search_method = 'search_' . $xpc->findvalue( '@oils_obj:fieldmapper', $remote_class_node ); - $search_method =~ s/::/_/go; + my ($link_node) = $xpc->findnodes( "idl:links/idl:link[\@field='$link_field']", $class_node ); + my $link_class_hint = $link_node->getAttribute('class'); + my $remote_field = $link_node->getAttribute('key'); - for my $remote_object ( @{$e->$search_method( { $key => $obj->$link_field } )} ) { - push @context_ous, $remote_object->$context_field; + my ($remote_class_node) = $xpc->findnodes( "//idl:class[\@id='$self->{class_hint}']", $idl->documentElement ); + my $search_method = 'search_' . $xpc->findvalue( '@oils_obj:fieldmapper', $remote_class_node ); + $search_method =~ s/::/_/go; + + for my $remote_object ( @{$e->$search_method( { $key => $obj->$link_field } )} ) { + push @context_ous, $remote_object->$context_field; + } + } else { + push @context_ous, $obj->$_ for ( split '|', $context_field ); } } } } - my ($pok, $cok) = (0, 0); + my $pok = 0; for my $perm (@perms) { - for my $c_ou (@context_ous) { - if ($e->allowed($perm => $c_ou => $obj)) { - $cok++; - last; + if (@context_ous) { + for my $c_ou (@context_ous) { + if ($e->allowed($perm => $c_ou => $obj)) { + $pok++; + last; + } } + } else { + $pok++ if ($e->allowed($perm => undef => $obj)); + next; } - $pok++ if ($cok); - $cok = 0; } - unless (@perms == $pok) { + if ((lc($all_perms) eq 'true' && @perms != $pok) or !$pok) { throw OpenSRF::DomainObject::oilsException->new( statusCode => 500, status => "Perm failure -- action: $action, object type: $self->{json_hint}",