/[SQLSession]/trunk/lib/SQLSession/Model/Query.pm
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /trunk/lib/SQLSession/Model/Query.pm

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 28 by dpavlin, Thu Dec 7 19:56:41 2006 UTC revision 92 by dpavlin, Mon Feb 5 21:31:02 2007 UTC
# Line 4  use warnings; Line 4  use warnings;
4  package SQLSession::Model::Query;  package SQLSession::Model::Query;
5  use Jifty::DBI::Schema;  use Jifty::DBI::Schema;
6  use SQLSession::Model::Database;  use SQLSession::Model::Database;
7    use SQLSession::Model::User;
8    use Scalar::Defer;
9    
10  use SQLSession::Record schema {  use SQLSession::Record schema {
11          column name =>          column name =>
# Line 30  use SQLSession::Record schema { Line 32  use SQLSession::Record schema {
32                  type is 'text',                  type is 'text',
33                  label is 'Note',                  label is 'Note',
34                  render as 'textarea',                  render as 'textarea',
35                  since 0.0.2;                  since '0.0.2';
36            
37            column visible =>
38                    type is 'boolean',
39                    default is 1,
40                    indexed,
41                    since '0.0.3';
42    
43            column owner =>
44                    refers_to SQLSession::Model::User by 'id',
45                    label is 'Query owner',
46                    default is defer { Jifty->web->current_user->id || 0 },
47                    since '0.0.6';
48    
49            column created_on =>
50                    type is 'timestamp',
51                    label is 'Created On',
52                    default is defer { DateTime->now },
53                    filters are 'Jifty::DBI::Filter::DateTime',
54                    since '0.0.6';
55  };  };
56    
57  # Your model-specific methods go here.  # Your model-specific methods go here.
58    
59    sub current_user_can {
60            my $self = shift;
61    
62            my ($action,$item,$name) = @_;
63    
64    #       warn "current_user_can $action | $item | ", $name ? $name : 'NO NAME', "\n";
65    
66            # prevent deep recursion for next rule
67            if ( $action && $item && $action eq 'read' && $item eq 'column' ) {
68    #               return 1 if !defined($name);    # special case for my group by query -- might be security hole!
69                    return 1 if ( $name && $name =~ m/^(owner|visible)$/ );
70            }
71    
72            if ( $self->visible || $self->owner == $self->current_user->id ) {
73                    return 1;
74            };
75    
76            return 1 if ( $self->visible && $self->current_user->role('edit'));
77            return 1 if ( $action eq 'create' && $self->current_user->role('edit'));
78    
79            return 1 if ( $self->current_user->is_superuser );
80    
81            return 0;
82    }
83    
84  1;  1;
85    
Legend:
Removed from v.28  
changed lines
  Added in v.92
  ViewVC Help
Powered by ViewVC 1.1.26