61 |
|
|
62 |
my ($action,$item,$name) = @_; |
my ($action,$item,$name) = @_; |
63 |
|
|
64 |
|
# warn "current_user_can $action | $item | ", $name ? $name : 'NO NAME', "\n"; |
65 |
|
|
66 |
# prevent deep recursion for next rule |
# prevent deep recursion for next rule |
67 |
if ( $action && $item && $name && |
if ( $action && $item && $action eq 'read' && $item eq 'column' ) { |
68 |
$action eq 'read' && $item eq 'column' && ( $name eq 'owner' || $name eq 'visible' ) |
# return 1 if !defined($name); # special case for my group by query -- might be security hole! |
69 |
) { |
return 1 if ( $name && $name =~ m/^(owner|visible)$/ ); |
|
return 1; |
|
70 |
} |
} |
71 |
|
|
72 |
if ( $self->visible || $self->owner == $self->current_user->id ) { |
if ( $self->visible || $self->owner == $self->current_user->id ) { |
73 |
return 1; |
return 1; |
74 |
}; |
}; |
75 |
|
|
76 |
return 1 if ( $self->visible && self->current_user->role('edit')); |
return 1 if ( $self->visible && $self->current_user->role('edit')); |
77 |
|
return 1 if ( $action eq 'create' && $self->current_user->role('edit')); |
78 |
|
|
79 |
return 1 if ( $self->current_user->is_superuser ); |
return 1 if ( $self->current_user->is_superuser ); |
80 |
|
|