Index: openacs-4/packages/xotcl-core/tcl/policy-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/xotcl-core/tcl/policy-procs.tcl,v diff -u -r1.23 -r1.24 --- openacs-4/packages/xotcl-core/tcl/policy-procs.tcl 27 Oct 2014 16:42:01 -0000 1.23 +++ openacs-4/packages/xotcl-core/tcl/policy-procs.tcl 7 Aug 2017 23:48:30 -0000 1.24 @@ -8,7 +8,7 @@ namespace eval ::xo { - Class Policy + Class create Policy Policy instproc defined_methods {class} { set c [self]::$class @@ -139,7 +139,8 @@ set ctx [::xo::Context new -destroy_on_cleanup -actual_query $query] $ctx process_query_parameter } - + + set allowed 0 set permission [my get_permission $object $method] #my log "--permission for o=$object, m=$method => $permission" @@ -148,19 +149,18 @@ lassign [my get_privilege -query_context $ctx $permission $object $method] kind p #my msg "--privilege = $p kind = $kind" switch -- $kind { - primitive {return [my check_privilege -login false \ - -package_id $package_id -user_id $user_id \ - $p $object $method]} + primitive {set allowed [my check_privilege -login false \ + -package_id $package_id -user_id $user_id \ + $p $object $method]} complex { lassign $p attribute privilege set id [$object set $attribute] - #my msg "--p checking permission -object_id /$id/ -privilege $privilege -party_id $user_id\ - # ==> [::xo::cc permission -object_id $id -privilege $privilege -party_id $user_id]" - return [::xo::cc permission -object_id $id -privilege $privilege -party_id $user_id] + set allowed [::xo::cc permission -object_id $id -privilege $privilege -party_id $user_id] } } } - return 0 + #my log "--p check_permissions {$object $method} : $permission ==> $allowed" + return $allowed } Policy ad_instproc enforce_permissions {-user_id -package_id object method} {