more flexible permission control system ...
@@ -77,7 +77,7 @@ feature -- Access: CMS
|
|||||||
|
|
||||||
feature -- Permission
|
feature -- Permission
|
||||||
|
|
||||||
has_permissions (lst: detachable ITERABLE [READABLE_STRING_8]): BOOLEAN
|
frozen has_permissions (lst: detachable ITERABLE [READABLE_STRING_8]): BOOLEAN
|
||||||
do
|
do
|
||||||
if lst = Void then
|
if lst = Void then
|
||||||
Result := True
|
Result := True
|
||||||
@@ -86,9 +86,11 @@ feature -- Permission
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
has_permission (s: detachable READABLE_STRING_8): BOOLEAN
|
frozen has_permission (s: detachable READABLE_STRING_8): BOOLEAN
|
||||||
-- Anonymous or Current `user' has permission for `s'
|
-- Anonymous or Current `user' has permission for `s'
|
||||||
--| `s' could be "create page",
|
--| `s' could be "create page",
|
||||||
|
local
|
||||||
|
u: detachable CMS_USER
|
||||||
do
|
do
|
||||||
if s = Void then
|
if s = Void then
|
||||||
Result := True
|
Result := True
|
||||||
@@ -96,10 +98,11 @@ feature -- Permission
|
|||||||
if s.same_string ("authenticated") then
|
if s.same_string ("authenticated") then
|
||||||
Result := authenticated
|
Result := authenticated
|
||||||
else
|
else
|
||||||
if s.has_substring ("admin") or s.has_substring ("users") then
|
u := user
|
||||||
Result := attached user as u and then u.is_admin
|
if u /= Void and then u.is_admin then
|
||||||
else
|
|
||||||
Result := True
|
Result := True
|
||||||
|
else
|
||||||
|
Result := service.user_has_permission (u, s)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
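Review bot: The header comment of `has_permission` no longer describes the decision the new body makes. In the last hunk of this section an admin `u` is granted every permission before the service is asked, and every other caller, including anonymous (`user` = Void), is decided by `service.user_has_permission (u, s)`. I would add a line such as `--| Admin users pass every check; all others, anonymous included, are decided by the service.` The `s = Void` branch returning True is context here, but it means a caller that passes no permission name is always allowed, which also deserves a word in the comment. Part of the body between the second and third hunk is not shown, so this is based on the visible lines only.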
@@ -308,6 +308,15 @@ feature -- Report
|
|||||||
Result := req.path_info.same_string (front_path)
|
Result := req.path_info.same_string (front_path)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
feature {CMS_EXECUTION, CMS_MODULE} -- Security report
|
||||||
|
|
||||||
|
user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
|
||||||
|
-- Anonymous or user `u' has permission for `s' ?
|
||||||
|
--| `s' could be "create page",
|
||||||
|
do
|
||||||
|
Result := storage.user_has_permission (u, s)
|
||||||
|
end
|
||||||
|
|
||||||
feature -- Storage
|
feature -- Storage
|
||||||
|
|
||||||
session_controller (req: WSF_REQUEST): CMS_SESSION_CONTROLER
|
session_controller (req: WSF_REQUEST): CMS_SESSION_CONTROLER
|
||||||
|
|||||||
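Review bot: `user_has_permission` forwards straight to `storage`, so the admin short-circuit exists only in `has_permission` in the first file of this commit. This feature is exported to CMS_MODULE as well, and a module calling it directly with an admin user gets the storage's answer, which for the default storage added in this commit is False for any name containing "admin" or "users". Either apply the same rule here, `Result := (u /= Void and then u.is_admin) or else storage.user_has_permission (u, s)`, or say in the header comment that admin status is not considered at this level. The clause label "Security report" also reads oddly for an authorization query.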
@@ -56,6 +56,19 @@ feature -- Access: user
|
|||||||
deferred
|
deferred
|
||||||
end
|
end
|
||||||
|
|
||||||
|
user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
|
||||||
|
-- Anonymous or user `u' has permission for `s' ?
|
||||||
|
--| `s' could be "create page",
|
||||||
|
do
|
||||||
|
if s = Void then
|
||||||
|
Result := True
|
||||||
|
elseif s.has_substring ("admin") or s.has_substring ("users") then
|
||||||
|
Result := False
|
||||||
|
else
|
||||||
|
Result := True
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
feature -- Change: user
|
feature -- Change: user
|
||||||
|
|
||||||
save_user (a_user: CMS_USER)
|
save_user (a_user: CMS_USER)
|
||||||
|
|||||||
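Review bot: The default `user_has_permission` never looks at `u` and returns True for every permission name that does not contain "admin" or "users", so any storage that does not redefine it grants those permissions to everyone, anonymous included. Since this is now the extension point for permission control, a fail-closed default would be safer: make the feature `deferred` like the preceding feature shown in this hunk, or change the final branch to `Result := False`. The substring test is also case-sensitive, so a differently cased name such as "Admin users" would land in the granting branch. Whether existing storages already redefine this feature cannot be seen from the hunk.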