From df05ae28be786df311679e07f58cc2c50d976b11 Mon Sep 17 00:00:00 2001 From: Mike Rylander Date: Wed, 10 Oct 2012 17:36:52 -0400 Subject: [PATCH] Make it possible to suppress IDL fields Some clients of external services, particularly pcrud and reporter-store, need to be able to access tables that contain columns we'd rather restrict. For instance, the passwd field on actor.usr. To effect this feature we provide a blacklist attribute for fields, called suppress_controller, which works in the same way as the class controller attribute but names controllers not allowed to use the field. When the field is explicitly named in a query (fieldmapper select block or json_query) an error is thrown, and suppressed fields are ingored in general fieldmapper search/retreive requests. Signed-off-by: Mike Rylander Signed-off-by: Bill Erickson --- Open-ILS/examples/fm_IDL.xml | 2 +- Open-ILS/examples/fm_IDL.xsd | 1 + Open-ILS/src/c-apps/oils_idl-core.c | 7 +++++++ Open-ILS/src/c-apps/oils_sql.c | 29 +++++++++++++++++++++++++++-- Open-ILS/web/reports/xul/source-browse.js | 3 +++ Open-ILS/web/reports/xul/source-setup.js | 3 +++ 6 files changed, 42 insertions(+), 3 deletions(-) diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml index 5b9725a6b0..a7a765dbfb 100644 --- a/Open-ILS/examples/fm_IDL.xml +++ b/Open-ILS/examples/fm_IDL.xml @@ -2805,7 +2805,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - + diff --git a/Open-ILS/examples/fm_IDL.xsd b/Open-ILS/examples/fm_IDL.xsd index b2720a1246..7ebbd51fb1 100644 --- a/Open-ILS/examples/fm_IDL.xsd +++ b/Open-ILS/examples/fm_IDL.xsd @@ -51,6 +51,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + diff --git a/Open-ILS/src/c-apps/oils_idl-core.c b/Open-ILS/src/c-apps/oils_idl-core.c index 471435c7f1..5d432ab3f1 100644 --- a/Open-ILS/src/c-apps/oils_idl-core.c +++ b/Open-ILS/src/c-apps/oils_idl-core.c @@ -156,6 +156,13 @@ osrfHash* oilsIDLInit( const char* idl_filename ) { snprintf( array_pos_buf, sizeof( array_pos_buf ), "%u", array_pos++ ); osrfHashSet( field_def_hash, strdup( array_pos_buf ), "array_position" ); + // Tokenize suppress_controller attribute into an osrfStringArray + if( (prop_str = (char*)xmlGetProp(_f, BAD_CAST "suppress_controller")) ) { + osrfLogDebug(OSRF_LOG_MARK, "Controller suppression list is %s", prop_str ); + osrfStringArray* controller = osrfStringArrayTokenize( prop_str, ' ' ); + osrfHashSet( field_def_hash, controller, "suppress_controller"); + } + if( (prop_str = (char*)xmlGetNsProp(_f, BAD_CAST "i18n", BAD_CAST PERSIST_NS)) ) { osrfHashSet( field_def_hash, diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c index b262a70953..a0ba67883d 100644 --- a/Open-ILS/src/c-apps/oils_sql.c +++ b/Open-ILS/src/c-apps/oils_sql.c @@ -4203,7 +4203,16 @@ char* SELECT ( // Look up the field in the IDL const char* col_name = jsonObjectGetString( selfield ); - osrfHash* field_def = osrfHashGet( class_field_set, col_name ); + osrfHash* field_def; + + if (!osrfStringArrayContains( + osrfHashGet( + osrfHashGet( class_field_set, col_name ), + "suppress_controller"), + modulename + )) + field_def = osrfHashGet( class_field_set, col_name ); + if( !field_def ) { // No such field in current class osrfLogError( @@ -4282,7 +4291,16 @@ char* SELECT ( jsonObjectGetKeyConst( selfield, "column" ) ); // Get the field definition from the IDL - osrfHash* field_def = osrfHashGet( class_field_set, col_name ); + osrfHash* field_def; + if (!osrfStringArrayContains( + osrfHashGet( + osrfHashGet( class_field_set, col_name ), + "suppress_controller"), + modulename + )) + field_def = osrfHashGet( class_field_set, col_name ); + + if( !field_def ) { // No such field in current class osrfLogError( @@ -5202,6 +5220,9 @@ static char* buildSELECT ( const jsonObject* search_hash, jsonObject* rest_of_qu if( !field ) continue; + if (osrfStringArrayContains( osrfHashGet(field, "suppress_controller"), modulename )) + continue; + if( first ) { first = 0; } else { @@ -6056,6 +6077,10 @@ int doUpdate( osrfMethodContext* ctx ) { if( str_is_true( osrfHashGet( field_def, "virtual") ) ) continue; + if (osrfStringArrayContains( osrfHashGet(field_def, "suppress_controller"), modulename )) + continue; + + const char* field_name = osrfHashIteratorKey( field_itr ); if( ! strcmp( field_name, pkey ) ) continue; diff --git a/Open-ILS/web/reports/xul/source-browse.js b/Open-ILS/web/reports/xul/source-browse.js index 4075dd1f71..0442e3a7dc 100644 --- a/Open-ILS/web/reports/xul/source-browse.js +++ b/Open-ILS/web/reports/xul/source-browse.js @@ -36,6 +36,9 @@ function sourceTreeHandler (ev, dbl) { var name = field.getAttributeNS(rptNS,'label'); if (!name) name = field.getAttribute('name'); + var suppress = field.getAttribute('suppress_controller'); + if (suppress && suppress.indexOf('open-ils.reporter-store') > -1) continue; + var idlclass = link_fields[i].getAttribute('class'); var map = link_fields[i].getAttribute('map'); var link = link_fields[i].getAttribute('field'); diff --git a/Open-ILS/web/reports/xul/source-setup.js b/Open-ILS/web/reports/xul/source-setup.js index d3b919c515..1e0d4565a6 100644 --- a/Open-ILS/web/reports/xul/source-setup.js +++ b/Open-ILS/web/reports/xul/source-setup.js @@ -312,6 +312,9 @@ function populateDetailTree (tcNode, c, item) { var type = fields[i].getAttributeNS(rptNS, 'datatype'); //if (!type) type = 'text'; + var suppress = fields[i].getAttribute('suppress_controller'); + if (suppress && suppress.indexOf('open-ils.reporter-store') > -1) continue; + var label = fields[i].getAttributeNS(rptNS, 'label'); var name = fields[i].getAttribute('name'); if (!label) label = name; -- 2.11.0