[Jifty-commit] r2025 - jifty/trunk/lib/Jifty
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Sat Oct 14 04:29:26 EDT 2006
Author: clkao
Date: Sat Oct 14 04:29:26 2006
New Revision: 2025
Modified:
jifty/trunk/lib/Jifty/Action.pm
jifty/trunk/lib/Jifty/Collection.pm
jifty/trunk/lib/Jifty/Record.pm
Log:
* Add _is_readable in Jifty::Record, which means the record should
bypass current_user_can in check_read_rights.
* Add results_are_readable argument to collection to mark records with
_is_readable.
Modified: jifty/trunk/lib/Jifty/Action.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Action.pm (original)
+++ jifty/trunk/lib/Jifty/Action.pm Sat Oct 14 04:29:26 2006
@@ -936,7 +936,7 @@
display => ( $_->$disp() || '' ),
value => ( $_->$val() || '' )
}
- } grep {$_->current_user_can("read")} @{ $v->{'collection'}->items_array_ref };
+ } grep {$_->check_read_rights} @{ $v->{'collection'}->items_array_ref };
}
else {
Modified: jifty/trunk/lib/Jifty/Collection.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Collection.pm (original)
+++ jifty/trunk/lib/Jifty/Collection.pm Sat Oct 14 04:29:26 2006
@@ -44,9 +44,16 @@
L<Data::Page> methods on this object to B<get> information about paging,
not to B<set> it; use C<set_page_info> to set paging information.
+=head2 results_are_readable
+
+If your results from the query is guaranteed to be readable by
+current_user, you can create the collection with
+C<results_are_readable => 1>. This is cause check_read_rights to
+bypass normal current_user_can checks.
+
=cut
-__PACKAGE__->mk_accessors(qw(pager));
+__PACKAGE__->mk_accessors(qw(pager results_are_readable));
=head2 add_record
@@ -57,7 +64,12 @@
sub add_record {
my $self = shift;
my($record) = (@_);
- $self->SUPER::add_record($record) if $record->current_user_can("read");
+
+ $record->_is_readable(1)
+ if $self->results_are_readable;
+
+ $self->SUPER::add_record($record)
+ if $self->results_are_readable || $record->check_read_rights;
}
sub _init {
@@ -66,11 +78,13 @@
my %args = (
record_class => undef,
current_user => undef,
+ results_are_readable => undef,
@_
);
$self->_get_current_user(%args);
$self->record_class($args{record_class}) if defined $args{record_class};
+ $self->results_are_readable($args{results_are_readable});
unless ($self->current_user) {
Carp::confess("Collection created without a current user");
}
Modified: jifty/trunk/lib/Jifty/Record.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Record.pm (original)
+++ jifty/trunk/lib/Jifty/Record.pm Sat Oct 14 04:29:26 2006
@@ -14,9 +14,8 @@
=cut
-use base qw/Jifty::Object/;
-use base qw/Jifty::DBI::Record/;
-
+use base qw(Jifty::Object Jifty::DBI::Record Class::Accessor::Fast);
+__PACKAGE__->mk_accessors('_is_readable');
sub _init {
my $self = shift;
@@ -210,8 +209,11 @@
=cut
-sub check_read_rights { return shift->current_user_can('read', column => shift) }
-
+sub check_read_rights {
+ my $self = shift;
+ return (1) if $self->_is_readable;
+ return $self->current_user_can( 'read', column => shift );
+}
=head2 check_update_rights
@@ -349,6 +351,8 @@
# perhaps the handle should have an initiializer for records/collections
my $object = $classname->new(current_user => $self->current_user);
$object->load_by_cols(( $column->by || 'id') => $value) if ($value);
+ # XXX: an attribute or hook to let model class declare implicit
+ # readable refers_to columns. $object->_is_readable(1) if $column->blah;
return $object;
}
More information about the Jifty-commit
mailing list