From f7470807bfa88a0f6e02a59ddde2ad1a802a4ff2 Mon Sep 17 00:00:00 2001 From: scottmk Date: Thu, 8 Jul 2010 14:56:37 +0000 Subject: [PATCH] Streamline pcrud a bit. If there is a permacrud entry for the relevant action, but the list of permissions is empty, we grant access. The change: grant access as soon as the permission list can be known to be empty, instead of doing a lot of irrelevant stuff first (including extra database fetches in some cases). M Open-ILS/src/c-apps/oils_sql.c git-svn-id: svn://svn.open-ils.org/ILS/trunk@16880 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- Open-ILS/src/c-apps/oils_sql.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Open-ILS/src/c-apps/oils_sql.c b/Open-ILS/src/c-apps/oils_sql.c index 1dbaeb8c5..cc3147f19 100644 --- a/Open-ILS/src/c-apps/oils_sql.c +++ b/Open-ILS/src/c-apps/oils_sql.c @@ -1379,6 +1379,10 @@ static int verifyObjectPCRUD ( osrfMethodContext* ctx, const jsonObject* obj ) // Get a list of permissions from the permacrud entry. osrfStringArray* permission = osrfHashGet( pcrud, "permission" ); + if( permission->size == 0 ) { + osrfLogDebug( OSRF_LOG_MARK, "No permissions required for this action, passing through" ); + return 1; + } // Build a list of org units that own the row. This is fairly convoluted because there // are several different ways that an org unit may own the row, as defined by the @@ -1677,11 +1681,6 @@ static int verifyObjectPCRUD ( osrfMethodContext* ctx, const jsonObject* obj ) const char* perm = NULL; int OK = 0; - if( permission->size == 0 ) { - osrfLogDebug( OSRF_LOG_MARK, "No permission specified for this action, passing through" ); - OK = 1; - } - // For every combination of permission and context org unit: call a stored procedure // to determine if the user has this permission in the context of this org unit. // If the answer is yes at any point, then we're done, and the user has permission. -- 2.11.0