From: erickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Wed, 30 Sep 2009 18:23:04 +0000 (+0000)
Subject: added support for checking work_ou perms for a given user that is not the logged... 
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=a6e717cf2e8f80c5476eafba453dac051bae9f8e;p=contrib%2FConifer.git

added support for checking work_ou perms for a given user that is not the logged in user in open-ils.actor.user.has_work_perm_at[.batch]

git-svn-id: svn://svn.open-ils.org/ILS/trunk@14227 dcc99617-32d9-48b4-a31d-7c20da2025e4
---

diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
index 2c4fe2257c..c6f9efe809 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
@@ -1322,16 +1322,22 @@ __PACKAGE__->register_method(
         params => [
 		    {desc => 'authtoken', type => 'string'},
             {desc => 'permission name', type => 'string'},
+            {desc => q/user id, optional.  If present, check perms for 
+                this user instead of the logged in user/, type => 'number'},
         ],
         return => {desc => 'An array of org IDs'}
     }
 );
 
 sub user_has_work_perm_at {
-    my($self, $conn, $auth, $perm) = @_;
+    my($self, $conn, $auth, $perm, $user_id) = @_;
     my $e = new_editor(authtoken=>$auth);
     return $e->event unless $e->checkauth;
-    return $U->user_has_work_perm_at($e, $perm);
+    if(defined $user_id) {
+        my $user = $e->retrieve_actor_user($user_id) or return $e->event;
+        return $e->event unless $e->allowed('VIEW_PERMISSION', $user->home_ou);
+    }
+    return $U->user_has_work_perm_at($e, $perm, undef, $user_id);
 }
 
 __PACKAGE__->register_method(
@@ -1341,9 +1347,13 @@ __PACKAGE__->register_method(
 );
 
 sub user_has_work_perm_at_batch {
-    my($self, $conn, $auth, $perms) = @_;
+    my($self, $conn, $auth, $perms, $user_id) = @_;
     my $e = new_editor(authtoken=>$auth);
     return $e->event unless $e->checkauth;
+    if(defined $user_id) {
+        my $user = $e->retrieve_actor_user($user_id) or return $e->event;
+        return $e->event unless $e->allowed('VIEW_PERMISSION', $user->home_ou);
+    }
     my $map = {};
     $map->{$_} = $U->user_has_work_perm_at($e, $_) for @$perms;
     return $map;
diff --git a/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm b/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
index 8d254bdc16..96cb4b784a 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
@@ -1205,13 +1205,14 @@ sub find_highest_perm_org {
 
 # returns the org_unit ID's 
 sub user_has_work_perm_at {
-    my($self, $e, $perm, $options) = @_;
+    my($self, $e, $perm, $options, $user_id) = @_;
     $options ||= {};
+    $user_id = (defined $user_id) ? $user_id : $e->requestor->id;
 
     my $func = 'permission.usr_has_perm_at';
     $func = $func.'_all' if $$options{descendants};
 
-    my $orgs = $e->json_query({from => [$func, $e->requestor->id, $perm]});
+    my $orgs = $e->json_query({from => [$func, $user_id, $perm]});
     $orgs = [map { $_->{ (keys %$_)[0] } } @$orgs];
 
     return $orgs unless $$options{objects};