Index: openacs-4/packages/acs-tcl/tcl/acs-permissions-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/acs-permissions-procs.tcl,v diff -u -N -r1.33.2.7 -r1.33.2.8 --- openacs-4/packages/acs-tcl/tcl/acs-permissions-procs.tcl 2 Feb 2017 11:17:56 -0000 1.33.2.7 +++ openacs-4/packages/acs-tcl/tcl/acs-permissions-procs.tcl 28 Jun 2017 20:20:27 -0000 1.33.2.8 @@ -180,7 +180,8 @@ } if {![permission_p -party_id $party_id -object_id $object_id -privilege $privilege]} { - if {!${party_id}} { + + if {!${party_id} && ![ad_conn ajax_p]} { auth::require_login } else { ns_log notice "permission::require_permission: $party_id doesn't have $privilege on object $object_id" Index: openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl,v diff -u -N -r1.118.2.47 -r1.118.2.48 --- openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 24 Apr 2017 09:02:17 -0000 1.118.2.47 +++ openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 28 Jun 2017 20:20:27 -0000 1.118.2.48 @@ -1337,17 +1337,45 @@ Returns a property about the connection. See the request - processor documentation for an (almost complete) list of allowable values. + processor documentation for an (incomplete) list of allowable values.

If -set is passed then it sets a property.

- If the property has not been set directly by OpenACS it will be passed on to aolservers ns_conn: http://www.aolserver.com/docs/devel/tcl/api/conn.html#ns_conn. If it is not a valid option for ns_conn either then it will throw an error. - - Valid options for ad_conn are: request, sec_validated, browser_id, session_id, user_id, token, last_issue, deferred_dml, start_clicks, node_id, object_id, object_url, object_type, package_id, package_url, instance_name, package_key, extra_url, system_p, path_info, recursion_count. + If the property has not been set directly by OpenACS it will be passed on to AOLservers/NaviServers ns_conn: http://www.aolserver.com/docs/devel/tcl/api/conn.html#ns_conn. If it is not a valid option for ns_conn either then it will throw an error. +

+ Valid options for ad_conn are: + ajax_p, + browser_id, + deferred_dml, + extra_url, + instance_name, + last_issue, + mobile_p, + node_id, + object_id, + object_type, + object_url, + package_id, + package_key, + package_url, + path_info, + peeraddr, + recursion_count, + request, + sec_validated, + session_id, + start_clicks, + subsite_id, + subsite_node_id, + subsite_url, + system_p, + token, + untrusted_user_id, + user_id.

Added recursion_count to properly deal with internalredirects. @@ -1547,6 +1575,23 @@ return $ad_conn(mobile_p) } + ajax_p { + # + # Check, if we are used from an ajax + # client (providing the header field + # "X-Requested-With: XMLHttpRequest") + # + set ad_conn(ajax_p) 0 + if {[ns_conn isconnected]} { + set headers [ns_conn headers] + set i [ns_set ifind $headers "X-Requested-With"] + if {$i > -1 } { + set ad_conn(ajax_p) [expr {[ns_set value $headers $i] eq "XMLHttpRequest"}] + } + } + return $ad_conn(ajax_p) + } + default { return [ns_conn $var] }