52 |
default is defer { DateTime->now }, |
default is defer { DateTime->now }, |
53 |
filters are 'Jifty::DBI::Filter::DateTime', |
filters are 'Jifty::DBI::Filter::DateTime', |
54 |
since '0.0.6'; |
since '0.0.6'; |
55 |
|
|
56 |
|
column parent => |
57 |
|
refers_to SQLSession::Model::Query by 'id', |
58 |
|
label is 'Originator query', |
59 |
|
indexed, |
60 |
|
since '0.0.7'; |
61 |
|
|
62 |
}; |
}; |
63 |
|
|
64 |
|
sub since { '0.0.1' } |
65 |
|
|
66 |
# Your model-specific methods go here. |
# Your model-specific methods go here. |
67 |
|
|
68 |
sub current_user_can { |
sub current_user_can { |
70 |
|
|
71 |
my ($action,$item,$name) = @_; |
my ($action,$item,$name) = @_; |
72 |
|
|
73 |
|
# warn "current_user_can $action | $item | ", $name ? $name : 'NO NAME', "\n"; |
74 |
|
|
75 |
# prevent deep recursion for next rule |
# prevent deep recursion for next rule |
76 |
if ( $action && $item && $name && |
if ( $action && $item && $action eq 'read' && $item eq 'column' ) { |
77 |
$action eq 'read' && $item eq 'column' && ( $name eq 'owner' || $name eq 'visible' ) |
# return 1 if !defined($name); # special case for my group by query -- might be security hole! |
78 |
) { |
return 1 if ( $name && $name =~ m/^(owner|visible)$/ ); |
|
return 1; |
|
79 |
} |
} |
80 |
|
|
81 |
if ( $self->visible || $self->owner == $self->current_user->id ) { |
if ( $self->visible || $self->owner == $self->current_user->id ) { |
82 |
return 1; |
return 1; |
83 |
}; |
}; |
84 |
|
|
85 |
return 1 if ( $self->visible && self->current_user->role('edit')); |
return 1 if ( $self->visible && $self->current_user->role('edit')); |
86 |
|
return 1 if ( $action eq 'create' && $self->current_user->role('edit')); |
87 |
|
|
88 |
return 1 if ( $self->current_user->is_superuser ); |
return 1 if ( $self->current_user->is_superuser ); |
89 |
|
|