[Jifty-commit] r4012 - in apps/CASPlus/trunk: lib/CASPlus
lib/CASPlus/Model
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Thu Aug 30 18:13:42 EDT 2007
Author: sterling
Date: Thu Aug 30 18:13:41 2007
New Revision: 4012
Modified:
apps/CASPlus/trunk/ (props changed)
apps/CASPlus/trunk/lib/CASPlus/CurrentUser.pm
apps/CASPlus/trunk/lib/CASPlus/Model/Profile.pm
apps/CASPlus/trunk/lib/CASPlus/Model/ProfilePermission.pm
apps/CASPlus/trunk/lib/CASPlus/Model/ProfileRelationship.pm
apps/CASPlus/trunk/lib/CASPlus/Model/Role.pm
apps/CASPlus/trunk/lib/CASPlus/Model/RoleMember.pm
apps/CASPlus/trunk/lib/CASPlus/Model/User.pm
apps/CASPlus/trunk/lib/CASPlus/ProfileBase.pm
Log:
r11072 at riddle: andrew | 2007-08-30 10:29:00 -0500
Added additional may_manage_* helpers to CurrentUser.
Modified: apps/CASPlus/trunk/lib/CASPlus/CurrentUser.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/CurrentUser.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/CurrentUser.pm Thu Aug 30 18:13:41 2007
@@ -225,6 +225,63 @@
return 0;
}
+=head2 may_manage_profiles
+
+Returns a true value if the current user possesses any role that would allow her to manage profiles.
+
+=cut
+
+sub may_manage_profiles {
+ my $self = shift;
+ return $self->_may_i('manage_profiles');
+}
+
+=head2 may_manage_profile_objects
+
+Returns a true value if the current user possesses any role that would allow her to manage profile objects.
+
+=cut
+
+sub may_manage_profile_objects {
+ my $self = shift;
+ return $self->_may_i('manage_profile_objects');
+}
+
+=head2 may_manage_roles
+
+Returns a true value if the current user possesses any role that would allow her to manage roles.
+
+=cut
+
+sub may_manage_roles {
+ my $self = shift;
+ return $self->_may_i('manage_roles');
+}
+
+=head2 may_manage_users
+
+Returns a true value if the current user possesses any role that would allow her to manage users.
+
+=cut
+
+sub may_manage_users {
+ my $self = shift;
+ return $self->_may_i('manage_users');
+}
+
+sub _may_i {
+ my $self = shift;
+ my $may_i_do_it = 'may_'.shift;
+
+ # Check all the roles for the requested permissions
+ for my $role ($self->roles(1)) {
+ return 1 if $role->$may_i_do_it;
+ }
+
+ # Fallback upon superuser/bootstrap user which are also granted these
+ return $self->is_superuser || $self->is_bootstrap_user;
+}
+
=head1 AUTHOR
Andrew Sterling Hanenkamp, C<<hanenkamp at cpan.org>>>
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/Profile.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/Profile.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/Profile.pm Thu Aug 30 18:13:41 2007
@@ -244,12 +244,7 @@
return 1;
}
- else {
- for my $role ($self->current_user->roles) {
- return 1 if $role->may_manage_profiles;
- }
- }
-
+ return 1 if $self->current_user->may_manage_profiles;
return $self->SUPER::current_user_can($right, %args);
}
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/ProfilePermission.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/ProfilePermission.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/ProfilePermission.pm Thu Aug 30 18:13:41 2007
@@ -288,9 +288,7 @@
}
# Grant anything if the user has may_manage_roles
- if (any { $_->may_manage_roles } $self->current_user->roles(1)) {
- return 1;
- }
+ return 1 if $self->current_user->may_manage_roles;
# Fallback on the default implementation
return $self->SUPER::current_user_can($right, %args);
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/ProfileRelationship.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/ProfileRelationship.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/ProfileRelationship.pm Thu Aug 30 18:13:41 2007
@@ -569,12 +569,7 @@
return 1;
}
- else {
- for my $role ($self->current_user->roles) {
- return 1 if $role->may_manage_profiles;
- }
- }
-
+ return 1 if $self->current_user->may_manage_profiles;
return $self->SUPER::current_user_can($right, %args);
}
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/Role.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/Role.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/Role.pm Thu Aug 30 18:13:41 2007
@@ -100,12 +100,7 @@
return 1;
}
- # Check to see if the current user is this role or has manage roles
- if (any { $_->id eq $self->id || $_->may_manage_roles }
- $self->current_user->roles(1)) {
- return 1;
- }
-
+ return 1 if $self->current_user->may_manage_roles;
return $self->SUPER::current_user_can($right, %args);
}
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/RoleMember.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/RoleMember.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/RoleMember.pm Thu Aug 30 18:13:41 2007
@@ -108,7 +108,7 @@
}
# Check to see if any role has manage roles set
- if (any { $_->may_manage_roles } $self->current_user->roles(1)) {
+ if ($self->current_user->may_manage_roles) {
return 1;
}
Modified: apps/CASPlus/trunk/lib/CASPlus/Model/User.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/Model/User.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/Model/User.pm Thu Aug 30 18:13:41 2007
@@ -160,10 +160,7 @@
}
}
- if (any { $_->may_manage_users } $self->current_user->roles) {
- return 1;
- }
-
+ return 1 if $self->current_user->may_manage_users;
return $self->SUPER::current_user_can($right, %args);
}
Modified: apps/CASPlus/trunk/lib/CASPlus/ProfileBase.pm
==============================================================================
--- apps/CASPlus/trunk/lib/CASPlus/ProfileBase.pm (original)
+++ apps/CASPlus/trunk/lib/CASPlus/ProfileBase.pm Thu Aug 30 18:13:41 2007
@@ -29,9 +29,7 @@
sub current_user_can {
my ($self, $right, %args) = @_;
- if (any { $_->may_manage_profile_objects } $self->current_user->roles) {
- return 1;
- }
+ return 1 if $self->current_user->may_manage_profile_objects;
if ($self->current_user->can_access_profile($self, $right, %args)) {
return 1;
More information about the Jifty-commit
mailing list