From: scottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Mon, 16 Mar 2009 14:49:12 +0000 (+0000)
Subject: For usr_has_perm* functions: super_user has all permissions
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=f1cea5a914bd08417b11ce96a999db57cc405cc2;p=Evergreen.git

For usr_has_perm* functions: super_user has all permissions
everywhere (even permissions that don't exist).


git-svn-id: svn://svn.open-ils.org/ILS/trunk@12536 dcc99617-32d9-48b4-a31d-7c20da2025e4
---

diff --git a/Open-ILS/src/sql/Pg/006.schema.permissions.sql b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
index 7037d3e51d..424bb1d086 100644
--- a/Open-ILS/src/sql/Pg/006.schema.permissions.sql
+++ b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
@@ -314,6 +314,7 @@ RETURNS SETOF INTEGER AS $$
 -- by a DISTINCT clause.
 --
 DECLARE
+	b_super       BOOLEAN;
 	n_perm        INTEGER;
 	n_min_depth   INTEGER; 
 	n_work_ou     INTEGER;
@@ -322,6 +323,34 @@ DECLARE
 	n_curr_depth  INTEGER;
 BEGIN
 	--
+	-- Check for superuser
+	--
+	SELECT INTO b_super
+		super_user
+	FROM
+		actor.usr
+	WHERE
+		id = user_id;
+	--
+	IF NOT FOUND THEN
+		return;				-- No user?  No permissions.
+	ELSIF b_super THEN
+		--
+		-- Super user has all permissions everywhere
+		--
+		FOR n_work_ou IN
+			SELECT
+				id
+			FROM
+				actor.org_unit
+			WHERE
+				parent_ou IS NULL
+		LOOP
+			RETURN NEXT n_work_ou; 
+		END LOOP;
+		RETURN;
+	END IF;
+	--
 	-- Translate the permission name
 	-- to a numeric permission id
 	--