Index: openacs-4/packages/acs-kernel/acs-kernel.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-kernel/acs-kernel.info,v
diff -u -N -r1.136.2.17 -r1.136.2.18
--- openacs-4/packages/acs-kernel/acs-kernel.info 5 Jul 2016 16:35:23 -0000 1.136.2.17
+++ openacs-4/packages/acs-kernel/acs-kernel.info 6 Jul 2016 13:47:02 -0000 1.136.2.18
@@ -9,15 +9,15 @@
f
t
-
+
OpenACS Core Team
Routines and data models providing the foundation for OpenACS-based Web services.
2016-07-05
OpenACS
The OpenACS kernel contains the core datamodel create and drop scripts for such things as objects, groups, partiies and the supporting PL/SQL and PL/pgSQL procedures.
3
-
+
Index: openacs-4/packages/acs-kernel/sql/postgresql/acs-permissions-create.sql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-kernel/sql/postgresql/acs-permissions-create.sql,v
diff -u -N -r1.39.2.4 -r1.39.2.5
--- openacs-4/packages/acs-kernel/sql/postgresql/acs-permissions-create.sql 6 Jul 2016 07:40:56 -0000 1.39.2.4
+++ openacs-4/packages/acs-kernel/sql/postgresql/acs-permissions-create.sql 6 Jul 2016 13:47:02 -0000 1.39.2.5
@@ -627,7 +627,8 @@
BEGIN
v_security_context_root := acs__magic_object_id('security_context_root');
- RETURN QUERY WITH RECURSIVE
+ RETURN QUERY
+ WITH RECURSIVE
object_context(obj_id, context_id, orig_obj_id) AS (
SELECT p_object_id, p_object_id, p_object_id
UNION ALL
@@ -655,7 +656,35 @@
END;
$$ LANGUAGE plpgsql stable;
+--
+-- procedure acs_permission.permissions_all/1
+--
+CREATE OR REPLACE FUNCTION acs_permission.permissions_all(
+ p_object_id integer
+) RETURNS table (object_id integer, grantee_id integer, privilege varchar) AS $$
+DECLARE
+ v_security_context_root integer;
+BEGIN
+ v_security_context_root := acs__magic_object_id('security_context_root');
+ RETURN QUERY
+ WITH RECURSIVE object_context(obj_id, context_id, orig_obj_id) AS (
+ SELECT p_object_id, p_object_id, p_object_id
+ UNION ALL
+ SELECT
+ ao.object_id,
+ CASE WHEN (ao.security_inherit_p = 'f' OR ao.context_id IS NULL)
+ THEN v_security_context_root ELSE ao.context_id END,
+ oc.orig_obj_id
+ FROM object_context oc, acs_objects ao
+ WHERE ao.object_id = oc.context_id
+ AND ao.object_id != v_security_context_root
+ )
+ select p_object_id, p.grantee_id, p.privilege
+ from object_context oc, acs_permissions p where p.object_id = oc.context_id;
+END;
+$$ LANGUAGE plpgsql stable;
+
--
-- procedure acs_permission.grant_permission/3
--
Index: openacs-4/packages/acs-kernel/sql/postgresql/upgrade/upgrade-5.9.1d11-5.9.1d12.sql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-kernel/sql/postgresql/upgrade/upgrade-5.9.1d11-5.9.1d12.sql,v
diff -u -N
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ openacs-4/packages/acs-kernel/sql/postgresql/upgrade/upgrade-5.9.1d11-5.9.1d12.sql 6 Jul 2016 13:47:03 -0000 1.1.2.1
@@ -0,0 +1,29 @@
+--
+-- procedure acs_permission.permissions_all/1
+--
+CREATE OR REPLACE FUNCTION acs_permission.permissions_all(
+ p_object_id integer
+) RETURNS table (object_id integer, grantee_id integer, privilege varchar) AS $$
+DECLARE
+ v_security_context_root integer;
+BEGIN
+ v_security_context_root := acs__magic_object_id('security_context_root');
+
+ RETURN QUERY
+ WITH RECURSIVE object_context(obj_id, context_id, orig_obj_id) AS (
+ SELECT p_object_id, p_object_id, p_object_id
+ UNION ALL
+ SELECT
+ ao.object_id,
+ CASE WHEN (ao.security_inherit_p = 'f' OR ao.context_id IS NULL)
+ THEN v_security_context_root ELSE ao.context_id END,
+ oc.orig_obj_id
+ FROM object_context oc, acs_objects ao
+ WHERE ao.object_id = oc.context_id
+ AND ao.object_id != v_security_context_root
+ )
+ select p_object_id, p.grantee_id, p.privilege
+ from object_context oc, acs_permissions p where p.object_id = oc.context_id;
+END;
+$$ LANGUAGE plpgsql stable;
+
Index: openacs-4/packages/acs-subsite/acs-subsite.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/acs-subsite.info,v
diff -u -N -r1.117.2.19 -r1.117.2.20
--- openacs-4/packages/acs-subsite/acs-subsite.info 5 Jul 2016 14:16:58 -0000 1.117.2.19
+++ openacs-4/packages/acs-subsite/acs-subsite.info 6 Jul 2016 13:47:03 -0000 1.117.2.20
@@ -9,7 +9,7 @@
t
t
-
+
OpenACS
Subsite
2015-10-04
@@ -18,10 +18,10 @@
GPL
3
-
+
-
+
Index: openacs-4/packages/acs-subsite/www/permissions/index-postgresql.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/index-postgresql.xql,v
diff -u -N -r1.5 -r1.5.24.1
--- openacs-4/packages/acs-subsite/www/permissions/index-postgresql.xql 16 Jan 2003 13:40:36 -0000 1.5
+++ openacs-4/packages/acs-subsite/www/permissions/index-postgresql.xql 6 Jul 2016 13:47:03 -0000 1.5.24.1
@@ -5,16 +5,15 @@
+
select o.object_id, acs_object__name(o.object_id) as name, context_id, object_type,
- (case when o.object_id = :root then 0 else 1 end) as child
- from acs_objects o
- where exists ( SELECT 1
- FROM acs_permissions_all map
- WHERE map.object_id = o.object_id
- and map.grantee_id = :user_id
- and map.privilege = 'admin')
- and (o.object_id = :root or o.context_id = :root)
- order by child, object_type, name
+ (case when o.object_id = '629' then 0 else 1 end) as child
+ from acs_permission.permission_p_recursive_array(array(
+ select object_id from acs_objects where object_id = :root or context_id = :root
+ ), :user_id, 'admin') p, acs_objects o
+ where p.orig_object_id = o.object_id
+ order by child, object_type, name
+
Index: openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql,v
diff -u -N -r1.7 -r1.7.18.1
--- openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql 24 Feb 2005 11:10:31 -0000 1.7
+++ openacs-4/packages/acs-subsite/www/permissions/one-postgresql.xql 6 Jul 2016 13:47:03 -0000 1.7.18.1
@@ -12,15 +12,13 @@
-
+
select grantee_id, grantee_name, privilege
- from (select grantee_id, acs_object__name(grantee_id) as grantee_name,
- privilege, 1 as counter
- from acs_permissions_all
- where object_id = :object_id
+ from (
+ select grantee_id, acs_object__name(grantee_id) as grantee_name, privilege, 1 as counter
+ from acs_permission.permissions_all(:object_id)
union all
- select grantee_id, acs_object__name(grantee_id) as grantee_name,
- privilege, -1 as counter
+ select grantee_id, acs_object__name(grantee_id) as grantee_name, privilege, -1 as counter
from acs_permissions
where object_id = :object_id ) dummy
group by grantee_id, grantee_name, privilege
@@ -53,28 +51,31 @@
-
-
- select object_id as c_object_id,acs_object__name(object_id) as c_name, object_type as c_type
- from acs_objects o
- where context_id = :object_id
- and exists (select 1
- from acs_permissions_all
- where object_id = o.object_id
- and grantee_id = :user_id
- and privilege = 'admin')
-
+
+
+ select
+ o.object_id as c_object_id,
+ acs_object__name(o.object_id) as c_name,
+ o.object_type as c_type
+ from
+ acs_permission.permission_p_recursive_array(array(
+ select object_id from acs_objects o where context_id = :object_id
+ ), :user_id, 'admin') p
+ join acs_objects o on (p.orig_object_id = o.object_id)
+
+
+
-
-
- select count(*) as num_children
- from acs_objects o
- where context_id = :object_id and
- acs_permission__permission_p(o.object_id, :user_id, 'admin') = 't'
+
-
+ select count(*) as num_children
+ from acs_permission.permission_p_recursive_array(array(
+ select object_id from acs_objects o where context_id = :object_id
+ ), :user_id, 'admin')
+
+
Index: openacs-4/packages/acs-subsite/www/permissions/one.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/one.tcl,v
diff -u -N -r1.17.2.4 -r1.17.2.5
--- openacs-4/packages/acs-subsite/www/permissions/one.tcl 28 Oct 2015 09:38:39 -0000 1.17.2.4
+++ openacs-4/packages/acs-subsite/www/permissions/one.tcl 6 Jul 2016 13:47:03 -0000 1.17.2.5
@@ -8,7 +8,7 @@
@creation-date 2000-08-20
@cvs-id $Id$
} {
- object_id:naturalnum,notnull
+ object_id:integer,notnull
{children_p:boolean "f"}
{application_url ""}
}
@@ -30,11 +30,9 @@
set context [list [list "./" [_ acs-subsite.Permissions]] [_ acs-subsite.Permissions_for_name]]
-db_multirow inherited inherited_permissions {} {
-}
+db_multirow inherited inherited_permissions {} {}
-db_multirow acl acl {} {
-}
+db_multirow acl acl {} {}
set controls [list]
set controlsUrl [export_vars -base grant {application_url object_id}]
@@ -50,7 +48,7 @@
lappend controls "Inherit Permissions from [ns_quotehtml $context_name]"
}
-set controls "\[ [join $controls " | "] \]"
+set controls "\[ [join $controls { | }] \]"
set export_form_vars [export_vars -form {object_id application_url}]
Index: openacs-4/packages/acs-subsite/www/permissions/perm-include-postgresql.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/perm-include-postgresql.xql,v
diff -u -N -r1.4.18.1 -r1.4.18.2
--- openacs-4/packages/acs-subsite/www/permissions/perm-include-postgresql.xql 3 Jul 2016 15:03:44 -0000 1.4.18.1
+++ openacs-4/packages/acs-subsite/www/permissions/perm-include-postgresql.xql 6 Jul 2016 13:47:03 -0000 1.4.18.2
@@ -24,8 +24,7 @@
sum([join $privs "_p + "]_p) as any_perm_p_
from (select grantee_id,
[join $from_all_clauses ", "]
- from acs_permissions_all
- where object_id = :object_id
+ from acs_permission.permissions_all(:object_id)
union all
select grantee_id,
[join $from_direct_clauses ", "]
Index: openacs-4/packages/acs-subsite/www/permissions/perm-user-add-include.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-subsite/www/permissions/perm-user-add-include.xql,v
diff -u -N -r1.3 -r1.3.6.1
--- openacs-4/packages/acs-subsite/www/permissions/perm-user-add-include.xql 8 Jun 2010 21:15:41 -0000 1.3
+++ openacs-4/packages/acs-subsite/www/permissions/perm-user-add-include.xql 6 Jul 2016 13:47:03 -0000 1.3.6.1
@@ -15,16 +15,4 @@
-
-
-
- select u.user_id,
- u.first_names || ' ' || u.last_name
- from cc_users u
- where u.user_id not in (select grantee_id from acs_permissions_all where object_id = :object_id)
- order by upper(first_names), upper(last_name)
-
-
-
-