[open-ils-commits] [GIT] Evergreen ILS branch master updated. db7b67abd0c52a1ae92f35a7b4f28f441a9af8ad
Evergreen Git
git at git.evergreen-ils.org
Tue Aug 8 17:14:48 EDT 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, master has been updated
via db7b67abd0c52a1ae92f35a7b4f28f441a9af8ad (commit)
via 2790b6e8a1d375134ff654d098eeccafea2f27f7 (commit)
via 1f027999be137ebf3454d5a2259e40c1afb3a4b0 (commit)
from cd8c5f9ce881b2ba4a80d3fa471ba55cb13c6ac8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit db7b67abd0c52a1ae92f35a7b4f28f441a9af8ad
Author: Galen Charlton <gmc at equinoxinitiative.org>
Date: Tue Aug 8 17:28:43 2017 -0400
LP#1480432: stamp DB update
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 6cc41db..9dc75df 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -90,7 +90,7 @@ CREATE TRIGGER no_overlapping_deps
BEFORE INSERT OR UPDATE ON config.db_patch_dependencies
FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates');
-INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1049', :eg_version); -- mmorgan/stompro/gmcharlt
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1050', :eg_version); -- mmorgan/cesardv/gmcharlt
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql b/Open-ILS/src/sql/Pg/upgrade/1050.function.permission.user_perms.sql
similarity index 89%
rename from Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql
rename to Open-ILS/src/sql/Pg/upgrade/1050.function.permission.user_perms.sql
index 10af7ba..5a9b0d5 100644
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql
+++ b/Open-ILS/src/sql/Pg/upgrade/1050.function.permission.user_perms.sql
@@ -1,6 +1,6 @@
BEGIN;
-SELECT evergreen.upgrade_deps_block_check('0991', :eg_version);
+SELECT evergreen.upgrade_deps_block_check('1050', :eg_version); -- mmorgan/cesardv/gmcharlt
CREATE OR REPLACE FUNCTION permission.usr_perms ( INT ) RETURNS SETOF permission.usr_perm_map AS $$
SELECT DISTINCT ON (usr,perm) *
commit 2790b6e8a1d375134ff654d098eeccafea2f27f7
Author: Michele Morgan <mmorgan at noblenet.org>
Date: Thu Sep 29 16:35:20 2016 -0400
LP#1480432: choose broadest depth if staff has same perm multiple times
Fixes a staff user permission depth issue that can exist when multiple
permission groups are assigned. In particular, this patch clarifies
that if a given permission is assigned to a staff member multiple times,
e.g., via mutiple profiles or by individual permission mapping, whatever
permission depth is the broadest will apply.
To test
-------
[1] Run the t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg
pgTAP test.
[2] Set up a staff user that has the same permission at multiple
depths, and verify that its scope of applicability applies
at the broadest depth. For example, if you give SET_CIRC_CLAIMS_RETURNED
at system and consortial depth, verify that the staff user can
mark any loan as claims returned regardless of system.
Signed-off-by: Michele Morgan <mmorgan at noblenet.org>
Signed-off-by: Cesar Velez <cesar.velez at equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/Open-ILS/src/sql/Pg/006.schema.permissions.sql b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
index 30f5ce8..df154fb 100644
--- a/Open-ILS/src/sql/Pg/006.schema.permissions.sql
+++ b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
@@ -177,7 +177,7 @@ CREATE OR REPLACE FUNCTION permission.usr_perms ( INT ) RETURNS SETOF permission
FROM permission.grp_perm_map p
WHERE p.grp IN (SELECT (permission.grp_ancestors(m.grp)).id FROM permission.usr_grp_map m WHERE usr = $1))
) AS x
- ORDER BY 2, 3, 1 DESC, 5 DESC ;
+ ORDER BY 2, 3, 4 ASC, 5 DESC ;
$$ LANGUAGE SQL STABLE ROWS 10;
CREATE TABLE permission.usr_work_ou_map (
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql
new file mode 100644
index 0000000..10af7ba
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql
@@ -0,0 +1,27 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('0991', :eg_version);
+
+CREATE OR REPLACE FUNCTION permission.usr_perms ( INT ) RETURNS SETOF permission.usr_perm_map AS $$
+ SELECT DISTINCT ON (usr,perm) *
+ FROM (
+ (SELECT * FROM permission.usr_perm_map WHERE usr = $1)
+ UNION ALL
+ (SELECT -p.id, $1 AS usr, p.perm, p.depth, p.grantable
+ FROM permission.grp_perm_map p
+ WHERE p.grp IN (
+ SELECT (permission.grp_ancestors(
+ (SELECT profile FROM actor.usr WHERE id = $1)
+ )).id
+ )
+ )
+ UNION ALL
+ (SELECT -p.id, $1 AS usr, p.perm, p.depth, p.grantable
+ FROM permission.grp_perm_map p
+ WHERE p.grp IN (SELECT (permission.grp_ancestors(m.grp)).id FROM permission.usr_grp_map m WHERE usr = $1))
+ ) AS x
+ ORDER BY 2, 3, 4 ASC, 5 DESC ;
+$$ LANGUAGE SQL STABLE ROWS 10;
+
+COMMIT;
+
commit 1f027999be137ebf3454d5a2259e40c1afb3a4b0
Author: Cesar Velez <cesar.velez at equinoxinitiative.org>
Date: Fri Jun 2 10:36:30 2017 -0400
LP#1480432 - Added tests for permission.usr_perms() change
Making sure that returned permissions are depth sorted ascending.
Tests and verifies mmorgan's patch for said lp bug.
Signed-off by: Cesar Velez <cesar.velez at equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc at equinoxinitiative.org>
diff --git a/Open-ILS/src/sql/Pg/t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg b/Open-ILS/src/sql/Pg/t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg
new file mode 100644
index 0000000..1c803d5
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg
@@ -0,0 +1,71 @@
+BEGIN;
+
+SELECT plan(3);
+
+--------------------
+--
+-- Setup test environment and data
+--
+--------------------
+
+-- create mock permission
+INSERT INTO permission.perm_list (id, code, description)
+ VALUES (1999, 'ALTER_MATRIX_VIA_HACK','Allows a user to change something in the Matrix');
+
+-- create mock profile group
+INSERT INTO permission.grp_tree (id, name, parent, usergroup, perm_interval, description, application_perm, hold_priority)
+ VALUES (9999, 'Agent', 3, 't','3 years'::INTERVAL, 'Agent of the Matrix', 'group_application.user.staff.agent', 0);
+-- create mock profile subgroup
+INSERT INTO permission.grp_tree (id, name, parent, usergroup, perm_interval, description, application_perm, hold_priority)
+ VALUES (10000, 'Smith', 9999, 't','3 years'::INTERVAL, 'WannaCry of the Matrix', 'group_application.user.staff.smith', 0);
+-- and another independent profile
+INSERT INTO permission.grp_tree (id, name, parent, usergroup, perm_interval, description, application_perm, hold_priority)
+ VALUES (10001, 'Neo', 3, 't','3 years'::INTERVAL, 'Ye olde chosen one', 'group_application.user.staff.agent', 0);
+
+-- Insert new permission-group map into grp_perm_map
+INSERT INTO permission.grp_perm_map (id, grp, perm, depth, grantable) VALUES (887, 9999, 1999, 2, 't');
+INSERT INTO permission.grp_perm_map (id, grp, perm, depth, grantable) VALUES (888, 10001,1999, 2, 't');
+
+-- significance of the 889 ID is that it was added /after/ the rest
+INSERT INTO permission.grp_perm_map (id, grp, perm, depth, grantable) VALUES (889, 10000,1999, 1, 't');
+
+-- Create fake user
+INSERT INTO actor.usr (id, profile, ident_type, usrname, home_ou, family_name, passwd, first_given_name, expire_date, dob, suffix)
+ VALUES (7357,10000, 1, 'TEST_USER', 1, 'FAMILYNAME', 'TEST1234', 'TEST',NOW() + '3 years'::INTERVAL, NULL, NULL);
+
+Insert into actor.card (usr, barcode) VALUES (7357, 'sdvsdas456');
+
+UPDATE actor.usr SET card = CURRVAL('actor.card_id_seq') WHERE id =7357;
+
+--------------------
+--
+-- Test permission.usr_perms()
+--
+--------------------
+
+SELECT results_eq(
+ 'SELECT depth FROM permission.usr_perms(7357) where perm = 1999',
+ ARRAY[1],
+ 'LP#1480432: permission.usr_perms(7357) should return depth 1 permission first'
+);
+
+DELETE FROM permission.grp_perm_map WHERE id = 887;
+INSERT INTO permission.usr_perm_map (usr, perm, depth) VALUES (7357, 1999, 2);
+
+SELECT results_eq(
+ 'SELECT depth FROM permission.usr_perms(7357) where perm = 1999',
+ ARRAY[1],
+ 'LP#1480432: permission.usr_perms(7357) should return depth 1 permission first'
+);
+
+DELETE FROM permission.usr_perm_map WHERE usr = 7357 AND perm = 1999;
+INSERT INTO permission.usr_grp_map (usr, grp) VALUES (7357, 10001);
+
+SELECT results_eq(
+ 'SELECT depth FROM permission.usr_perms(7357) where perm = 1999',
+ ARRAY[1],
+ 'LP#1480432: permission.usr_perms(7357) should return depth 1 permission first'
+);
+
+ROLLBACK;
+
-----------------------------------------------------------------------
Summary of changes:
Open-ILS/src/sql/Pg/002.schema.config.sql | 2 +-
Open-ILS/src/sql/Pg/006.schema.permissions.sql | 2 +-
...2_test_func.permissions.usr_perms_depth_sort.pg | 71 ++++++++++++++++++++
.../1050.function.permission.user_perms.sql | 27 ++++++++
4 files changed, 100 insertions(+), 2 deletions(-)
create mode 100644 Open-ILS/src/sql/Pg/t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg
create mode 100644 Open-ILS/src/sql/Pg/upgrade/1050.function.permission.user_perms.sql
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list