From abab7af81428ffdf157471b499f340e46a6ca4d8 Mon Sep 17 00:00:00 2001
From: erickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Fri, 5 Dec 2008 21:33:44 +0000
Subject: [PATCH] added apply-perms method and utility code (untested) to
 verify a perm is set

git-svn-id: svn://svn.open-ils.org/ILS/trunk@11422 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/perlmods/OpenILS/Application/Actor.pm | 31 +++++++++
 .../perlmods/OpenILS/Application/Actor/Friends.pm  | 81 ++++++++++++++++++++++
 2 files changed, 112 insertions(+)

diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
index 3ad6625a3f..9c8880b998 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
@@ -3083,5 +3083,36 @@ sub retrieve_friends {
     return OpenILS::Application::Actor::Friends->retrieve_friends($e, $user_id);
 }
 
+
+
+__PACKAGE__->register_method (
+	method		=> 'apply_friend_perms',
+	api_name	=> 'open-ils.actor.friends.perms.apply',
+	signature	=> {
+        desc => q/
+        /
+    }
+);
+sub apply_friend_perms {
+    my($self, $conn, $auth, $user_id, $delegate_id, @perms) = @_;
+    my $e = new_editor(authtoken => $auth, xact => 1);
+    return $e->event unless $e->checkauth;
+
+    if($user_id != $e->requestor->id) {
+        my $user = $e->retrieve_actor_user($user_id) or return $e->die_event;
+        return $e->die_event unless $e->allowed('VIEW_USER', $user->home_ou);
+    }
+
+    for my $perm (@perms) {
+        my $evt = 
+            OpenILS::Application::Actor::Friends->apply_friend_perm(
+                $e, $user_id, $delegate_id, $perm);
+        return $evt if $evt;
+    }
+
+    $e->commit;
+    return 1;
+}
+
 1;
 
diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor/Friends.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor/Friends.pm
index b15c1bb042..eee3207d2b 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor/Friends.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor/Friends.pm
@@ -3,6 +3,7 @@ use strict; use warnings;
 use OpenILS::Application::AppUtils;
 use OpenILS::Utils::CStoreEditor q/:funcs/;
 use OpenSRF::Utils::Logger q/$logger/;
+use OpenILS::Utils::Fieldmapper;
 my $U = "OpenILS::Application::AppUtils";
 
 # ----------------------------------------------------------------
@@ -84,4 +85,84 @@ sub retrieve_friends {
     };
 }
 
+my $direct_links_query = { 
+    select => {cub =>  ['id'] }, 
+    from => {
+        cub => {
+            cubi => {field => 'bucket', fkey => 'id'}
+        }
+    }, 
+    where => {
+        '+cubi' => {target_user => undef}, 
+        '+cub' => {btype => 'folks', owner => undef}
+    },
+    limit => 1
+};
+
+sub confirmed_friends {
+    my($self, $e, $user1_id, $user2_id) = @_;
+
+    $direct_links_query->{where}->{'+cub'}->{owner} = $user1_id;
+    $direct_links_query->{where}->{'+cubi'}->{target_user} = $user2_id;
+
+    if($e->json_query($direct_links_query)->[0]) {
+        
+        $direct_links_query->{where}->{'+cub'}->{owner} = $user2_id;
+        $direct_links_query->{where}->{'+cubi'}->{target_user} = $user1_id;
+        return 1 if $e->json_query($direct_links_query)->[0];
+    }
+
+    return 0;
+}
+
+
+my $perm_check_query = { 
+    select => {cub =>  ['id'] }, 
+    from => {
+        cub => {
+            cubi => {field => 'bucket', fkey => 'id'}
+        }
+    }, 
+    limit => 1
+};
+
+# returns 1 if delegate_user is allowed to perform 'perm' for base_user
+sub friend_perm_allowed {
+    my($self, $e, $base_user_id, $delegate_user_id, $perm) = @_;
+    return 0 unless $self->confirmed_friends($base_user_id, $delegate_user_id);
+    $perm_check_query->{where} = {
+        '+cubi' => {target_user => $delegate_user_id},
+        '+cub' => {btype => "folks:$perm", owner => $base_user_id}
+    };
+    return 1 if $e->json_query($perm_check_query)->[0];
+    return 0;
+}
+
+sub apply_friend_perm {
+    my($self, $e, $base_user_id, $delegate_user_id, $perm) = @_;
+
+    my $bucket = $e->search_container_user_bucket(
+        {owner => $base_user_id, btype => "folks:$perm"})->[0];
+
+    if($bucket) {
+        # is the permission already set?
+        return undef if $e->search_container_user_bucket_item(
+            {bucket => $bucket->id, target_user => $delegate_user_id})->[0];
+
+    } else {
+        # make sure the perm-specific bucket exists for this user
+        $bucket = Fieldmapper::container::user_bucket->new;
+        $bucket->owner($base_user_id);
+        $bucket->btype("folks:$perm");
+        $bucket->name("folks:$perm");
+        $e->create_container_user_bucket($bucket) or return $e->die_event;
+    }
+
+    my $item = Fieldmapper::container::user_bucket_item->new;
+    $item->bucket($bucket->id);
+    $item->target_user($delegate_user_id);
+    $e->create_container_user_bucket_item($item) or return $e->die_event;
+    return undef;
+}
+
 23;
-- 
2.11.0