Changeset 1091
- Timestamp:
- 08/03/12 09:07:20 (12 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LATMOS-Accounts-Web/root/html/admin/requests/default.tt
r971 r1091 49 49 50 50 [% IF loop.last %] 51 [% IF request.check_acl %] 51 52 <tr><td></td><td></td><td> 52 53 <input name="_cancel" type="submit" value="Refuser"> 53 54 <input name="_validate" type="submit" value="Procéder"> 54 55 </td></tr> 56 [% END %] 55 57 </table> 56 58 </form> -
trunk/LATMOS-Accounts-Web/root/html/admin/requests/index.tt
r1004 r1091 19 19 <tr> 20 20 <td> 21 [% IF req.check_acl %] 22 OK 23 [% ELSE %] 24 perm denied 25 [% END %] 21 26 <a href=[% c.uri_for(id) %]> 22 27 [% req.accreq.get_attributes('description') || req.accreq.id | truncate(20) | html %] -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm
r1076 r1091 951 951 } 952 952 953 =head2 user 954 955 Return the current connected username 956 957 =cut 958 959 sub user { $_[0]->{_user} } 960 953 961 =head2 check_acl($obj, $attr, $perm) 954 962 … … 961 969 my ($self, $obj, $attr, $perm) = @_; 962 970 if ($self->{_acls}) { 963 my ($who, $groups) = ($self-> {_user}|| '');971 my ($who, $groups) = ($self->user || ''); 964 972 if ($who && (my $uo = $self->get_object('user', $who))) { 965 973 $groups = [ $uo->_get_attributes('memberOf') ]; -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql.pm
r1071 r1091 487 487 =head2 list_requests 488 488 489 List user request currently waiting in base489 list user request currently waiting in base 490 490 491 491 =cut … … 500 500 }); 501 501 $sth->execute; 502 my @ids; 503 while (my $res = $sth->fetchrow_hashref) { 504 push(@ids, $res->{id}); 505 } 506 507 @ids 508 } 509 510 =head2 list_requests_by_submitter ($id) 511 512 list user request currently waiting in base ask by user C<$id> 513 514 =cut 515 516 sub list_requests_by_submitter { 517 my ($self, $id) = @_; 518 519 my $sth = $self->db->prepare(q{ 520 select id from request 521 where done is null and user = ? 522 order by apply 523 }); 524 $sth->execute($id); 525 my @ids; 526 while (my $res = $sth->fetchrow_hashref) { 527 push(@ids, $res->{id}); 528 } 529 530 @ids 531 } 532 533 534 =head2 list_request_by_object ($otype, $id) 535 536 Return the list of pending request for a specific object 537 538 =cut 539 540 sub list_request_by_object { 541 my ($self, $otype, $id) = @_; 542 543 my $sth = $self->db->prepare(q{ 544 select * from request join 545 accreq on request.name = accreq.name 546 join accreq_attributes on accreq_attributes.okey = accreq.ikey 547 where 548 request.applied is NULL and 549 accreq_attributes.attr = 'oType' and 550 accreq_attributes.value = ? 551 and request.object = ? 552 order by apply 553 }); 554 $sth->execute($otype, $id); 502 555 my @ids; 503 556 while (my $res = $sth->fetchrow_hashref) { -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/DataRequest.pm
r1071 r1091 7 7 use LATMOS::Accounts::Utils; 8 8 use LATMOS::Accounts::Log; 9 use LATMOS::Accounts::Acls::Acl; 9 10 10 11 our $VERSION = (q$Rev$ =~ /^Rev: (\d+) /)[0]; … … 525 526 my ($self, $comment, %attrs) = @_; 526 527 528 $self->check_acl or do { 529 $self->base->log(LA_ERR, 'Can\'t apply to object, permission denied by acl'); 530 }; 531 527 532 my %newvalues = $self->_prepare_attrs(%attrs); 528 533 … … 652 657 } 653 658 659 =head2 check_acl 660 661 Return true if current connected user can validate the request 662 663 =cut 664 665 sub check_acl { 666 my ($self) = @_; 667 668 my $attr = $self->accreq->parse_form(); 669 if (exists($attr->{validators})) { 670 my $acl = LATMOS::Accounts::Acls::Acl->new( 671 '*.*', 672 [ map { " $_: write"} @{$attr->{validators} || [] } ] 673 ); 674 my ($who, $groups) = ($self->base->user || ''); 675 if ($who && (my $uo = $self->base->get_object('user', $who))) { 676 $groups = [ $uo->_get_attributes('memberOf') ]; 677 } else { 678 $who = ''; 679 } 680 681 my $res = $acl->match($self->oobject || $self->otype, 'valid', 'w', $self->base->user, $groups); 682 defined($res) and return $res; 683 684 return; 685 } 686 687 # Check global Acl 688 if ($self->base->check_acl('request', 'VALIDATE', 'w')) { 689 return 1; 690 } 691 692 my $res = $self->_check_attr_acl; 693 return $res 694 } 695 696 sub _check_attr_acl { 697 my ($self) = @_; 698 699 if ($self->is_for_new_object) { 700 return $self->base->check_acl($self->otype, 'CREATE', 'w'); 701 } else { 702 my $obj = $self->oobject; 703 foreach my $attr ($self->attributes) { 704 $self->base->check_acl($obj, $attr, 'w') or return; 705 } 706 return 1; 707 } 708 } 709 710 =head2 check_is_owner 711 712 Return true if the connected user is the original requester 713 714 =cut 715 716 sub check_is_owner { 717 my ($self) = @_; 718 719 return (($self->base->user || '') eq ($self->user || '--')) 720 } 721 654 722 1; 655 723
Note: See TracChangeset
for help on using the changeset viewer.