[open-ils-commits] r14456 - trunk/Open-ILS/src/perlmods/OpenILS/Application (erickson)

svn at svn.open-ils.org svn at svn.open-ils.org
Thu Oct 15 16:53:36 EDT 2009 

Author: erickson
Date: 2009-10-15 16:53:31 -0400 (Thu, 15 Oct 2009)
New Revision: 14456

Modified:
   trunk/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
Log:
added support for tiered org unit setting permissions.  for example, if i have the UPDATE_ORG_UNIT_SETTING.foo.bar permission, I can update the foo.bar.baz setting

Modified: trunk/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
===================================================================
--- trunk/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm	2009-10-15 20:13:43 UTC (rev 14455)
+++ trunk/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm	2009-10-15 20:53:31 UTC (rev 14456)
@@ -95,6 +95,23 @@
 __PACKAGE__->register_method(
 	method	=> "set_ou_settings",
 	api_name	=> "open-ils.actor.org_unit.settings.update",
+    signature => {
+        desc => q/
+            Updates the value for a given org unit setting.  The permission to update an org unit setting
+            is either the UPDATE_ORG_UNIT_SETTING_ALL, a specific UPDATE_ORG_UNIT_SETTING.<setting_name>
+            permission, or a permission the maps to a prefix of the setting name.  For example, if the setting
+            was called "foo.bar.baz" the user could update the setting if he\she had the following perms:
+            UPDATE_ORG_UNIT_SETTING.foo
+            UPDATE_ORG_UNIT_SETTING.foo.bar
+            UPDATE_ORG_UNIT_SETTING.foo.bar.baz/,
+        params => [
+		    {desc => 'authtoken', type => 'string'},
+            {desc => 'org unit id', type => 'number'},
+            {desc => q/Hash of setting name-value pairs/, type => 'hash'},
+        ],
+        return => {desc => '1 on success, Event on error'}
+    }
+
 );
 sub set_ou_settings {
 	my( $self, $client, $auth, $org_id, $settings ) = @_;
@@ -111,7 +128,17 @@
         my $set = $e->search_actor_org_unit_setting({org_unit => $org_id, name => $name})->[0];
 
         unless($all_allowed) {
-            return $e->die_event unless $e->allowed("UPDATE_ORG_UNIT_SETTING.$name", $org_id);
+            my $allowed = 0;
+            my $perm = 'UPDATE_ORG_UNIT_SETTING';
+            for my $part (split(/\./, $name)) {
+                $perm = "$perm.$part";
+                if($e->allowed($perm, $org_id)) {
+                    $allowed = 1;
+                    last;
+                }
+            }
+
+            return $e->die_event unless $allowed;
         }
 
         if(defined $val) {

More information about the open-ils-commits mailing list