| [vhffs-dev] [958] Fixed all ACL functions, removed what_perm_for_group which were unused, what_perm_for_user is an alias for get_perm and is going to be removed soon , $user->can_view $user->can_modify $user->get_perm should be used instead |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
- To: vhffs-dev@xxxxxxxxx
- Subject: [vhffs-dev] [958] Fixed all ACL functions, removed what_perm_for_group which were unused, what_perm_for_user is an alias for get_perm and is going to be removed soon , $user->can_view $user->can_modify $user->get_perm should be used instead
- From: subversion@xxxxxxxxxxxxx
- Date: Thu, 04 Oct 2007 18:13:57 +0200
Revision: 958
Author: gradator
Date: 2007-10-04 16:13:57 +0000 (Thu, 04 Oct 2007)
Log Message:
-----------
Fixed all ACL functions, removed what_perm_for_group which were unused, what_perm_for_user is an alias for get_perm and is going to be removed soon, $user->can_view $user->can_modify $user->get_perm should be used instead
Modified Paths:
--------------
trunk/vhffs-api/src/Vhffs/Acl.pm
trunk/vhffs-api/src/Vhffs/User.pm
Modified: trunk/vhffs-api/src/Vhffs/Acl.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Acl.pm 2007-10-04 13:21:43 UTC (rev 957)
+++ trunk/vhffs-api/src/Vhffs/Acl.pm 2007-10-04 16:13:57 UTC (rev 958)
@@ -55,15 +55,19 @@
my $object = shift;
my $user = shift;
- return -1 unless( defined $vhffs && defined $object && defined $user );
+ return Vhffs::Constants::ACL_DENIED unless( defined $vhffs && defined $object && defined $user );
return Vhffs::Constants::ACL_DELETE if $user->is_admin;
- my $perm = Vhffs::Constants::ACL_DENIED;
- my $request = $vhffs->{'db'}->prepare( 'SELECT MAX(perm) FROM vhffs_acl WHERE ( granted_oid=? OR granted_oid=? ) AND target_oid=?' );
- my $rows = $request->execute($user->get_oid, $object->get_group->get_oid, $object->get_oid);
- $perm = $request->fetchrow() if( $rows > 0 );
+ my $ooid = $object->get_oid;
+ my $uoid = $user->get_oid;
+ my $goid = $object->get_group->get_oid;
- return Vhffs::Constants::ACL_VIEW if( $perm < Vhffs::Constants::ACL_VIEW && $user->is_moderator );
+ my $perm;
+ $perm = $vhffs->{'db'}->selectrow_array('SELECT perm FROM vhffs_acl WHERE granted_oid=? AND target_oid=?', undef, $uoid, $ooid);
+ $perm = $vhffs->{'db'}->selectrow_array('SELECT perm FROM vhffs_acl WHERE granted_oid=? AND target_oid=? AND EXISTS ( SELECT * FROM vhffs_user_group ug INNER JOIN vhffs_users u ON ug.uid=u.uid INNER JOIN vhffs_groups g ON ug.gid=g.gid AND u.object_id=? AND g.object_id=? )', undef, $goid, $ooid, $uoid, $goid ) unless defined $perm;
+ $perm = Vhffs::Constants::ACL_DENIED unless defined $perm;
+ $perm = Vhffs::Constants::ACL_VIEW if( $perm < Vhffs::Constants::ACL_VIEW && $user->is_moderator );
+
return $perm;
}
@@ -73,60 +77,10 @@
my $user = shift;
my $object = shift;
my $main = shift;
-
- return -1 unless( defined $user && defined $object && defined $main );
-
- my $perm = Vhffs::Constants::ACL_DENIED;
-
- my $request = $main->{'db'}->prepare( 'SELECT perm FROM vhffs_acl WHERE granted_oid=? AND target_oid=?' );
- my $rows = $request->execute($user->get_oid, $object->get_oid);
-
- if( $rows != 0 ) {
- ($perm) = $request->fetchrow();
- } else {
- $request = $main->{'db'}->prepare( 'SELECT acl.perm FROM vhffs_acl acl INNER JOIN vhffs_groups g ON g.object_id = acl.granted_oid INNER JOIN vhffs_user_group ug ON ug.gid = g.gid WHERE acl.target_oid = ? AND ug.uid = ?' );
- $rows = $request->execute( $object->{'object_id'}, $user->get_uid );
-
- if( $rows != 0 )
- {
- while( my ($lol) = $request->fetchrow_array )
- {
- $perm = $lol if( $perm < $lol );
- }
- }
- }
- return $perm;
+ return get_perm( $main , $object , $user );
}
-sub what_perm_for_group
-{
- my $group;
- my $object;
- my $main;
- my $query;
- my $request;
- my $result;
- my $rows;
- $group = shift;
- $object = shift;
- $main = shift;
-
- return -1 unless(defined $group && defined $object);
-
- $query = 'SELECT perm FROM vhffs_acl WHERE granted_oid=? AND target_oid=?';
-
- $request = $main->{'db'}->prepare( $query );
- $rows = $request->execute( $group->get_oid, $object->get_oid );
-
- if ( $rows != 0 ) {
- ($result) = $request->fetchrow();
- return $result;
- } else {
- return 0;
- }
-}
-
=pod
=head2 add_acl
Modified: trunk/vhffs-api/src/Vhffs/User.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/User.pm 2007-10-04 13:21:43 UTC (rev 957)
+++ trunk/vhffs-api/src/Vhffs/User.pm 2007-10-04 16:13:57 UTC (rev 958)
@@ -28,8 +28,6 @@
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
-
-
package Vhffs::User;
#Vhffs::User written by sod` <dieu AT gunnm DOT org>
@@ -37,6 +35,13 @@
#You can manage user with Unix.
#libnss-postgresql must be used with it to have an account on a machine with the database
+use base qw(Vhffs::Object);
+use strict;
+use DBI;
+use Vhffs::Group;
+use Vhffs::Functions;
+use Vhffs::Acl;
+
=pod
=head1 NAME
@@ -79,13 +84,6 @@
=cut
-use base qw(Vhffs::Object);
-use strict;
-use DBI;
-use Vhffs::Group;
-use Vhffs::Functions;
-use Vhffs::Acl;
-
sub _new {
my ($class, $main, $uid, $gid, $oid, $username, $passwd, $homedir, $shell, $admin, $firstname, $lastname, $address, $zipcode, $city, $country, $mail, $gpg_key, $note, $language, $theme, $date_creation, $description, $state) = @_;
my $self = $class->SUPER::_new($main, $oid, $uid, $gid, $date_creation, $description, '', $state, Vhffs::Constants::TYPE_USER);
@@ -637,7 +635,6 @@
}
-
sub get_name_by_uid
{
my $main = shift;
@@ -744,9 +741,8 @@
sub can_modify
{
- my ($self, $o) = @_;
- return (Vhffs::Acl::what_perm_for_user( $self, $o, $self->get_main) >= Vhffs::Constants::ACL_MODIFY
- || $self->is_admin );
+ my ($self, $o) = @_;
+ return ( Vhffs::Acl::get_perm( $self->get_main, $o, $self ) >= Vhffs::Constants::ACL_MODIFY );
}
=head2 can_view
@@ -761,14 +757,27 @@
sub can_view
{
- my ($self, $o) = @_;
- return (Vhffs::Acl::what_perm_for_user( $self, $o, $self->get_main) >= Vhffs::Constants::ACL_VIEW
- || $self->is_admin || $self->is_moderator );
+ my ($self, $o) = @_;
+ return ( Vhffs::Acl::get_perm( $self->get_main, $o, $self ) >= Vhffs::Constants::ACL_VIEW );
}
+=head2 get_perm
+ $perm = $user->get_perm($object);
+Returns the permission level of the user on the given object.
+
+=cut
+
+sub get_perm
+{
+ my ($self, $o) = @_;
+ return Vhffs::Acl::get_perm( $self->get_main, $o, $self );
+}
+
+
+
sub have_activegroups
{
my $self = shift;