[vhffs-dev] [1998] removed useless ACL on user subscribe, compat' clean of ACL in database |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
Revision: 1998
Author: gradator
Date: 2012-02-07 23:18:33 +0100 (Tue, 07 Feb 2012)
Log Message:
-----------
removed useless ACL on user subscribe, compat' clean of ACL in database
Modified Paths:
--------------
trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm
Added Paths:
-----------
trunk/vhffs-compat/from-4.3-to-4.4.sql
Modified: trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm 2012-02-07 20:48:54 UTC (rev 1997)
+++ trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm 2012-02-07 22:18:33 UTC (rev 1998)
@@ -122,7 +122,6 @@
}
else {
Vhffs::Acl::add_acl( $user , $user , Vhffs::Constants::ACL_DELETE , $vhffs );
- Vhffs::Acl::add_acl( $user->get_group , $user , Vhffs::Constants::ACL_DENIED , $vhffs );
# Newsletter
if( $vhffs->get_config->get_service_availability('newsletter') ) {
Added: trunk/vhffs-compat/from-4.3-to-4.4.sql
===================================================================
--- trunk/vhffs-compat/from-4.3-to-4.4.sql (rev 0)
+++ trunk/vhffs-compat/from-4.3-to-4.4.sql 2012-02-07 22:18:33 UTC (rev 1998)
@@ -0,0 +1,10 @@
+-- Old VHFFS users have unused ACL perm level 12 in their databases
+UPDATE vhffs_acl SET perm=10 WHERE perm=12;
+
+-- Remove useless and buggy ACL
+-- There was a stupid ACL where granted_oid is the primary group of a user (so this is a default ACL on users of this group given ACL terminology used in VHFFS)
+-- BUT target_oid is the user itself. So it means that the user of its own group, so the user itself (granted) gets ACL_DENIED perm on the user itself (target).
+-- VHFFS have to handle user primary groups outside of ACL scope, we can remove all of those ACL.
+-- Although, default ACL is ACL_DENIED, which is what we want for users on their primary group.
+DELETE FROM vhffs_acl acl WHERE acl.target_oid IN (SELECT object_id FROM vhffs_object WHERE type=10) AND acl.granted_oid IN (SELECT object_id FROM vhffs_object WHERE type=11);
+