The haspermission routine wrongly assumed that get_user_subpermissions
would return a list of all subpermissions if the user had the top level
permission, but instead it just returns 1.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Turns out that we rely heavily on the side effect that passing undef
to haspermission would always return true no matter what permissions
or lack of permissions you had.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Before bug 22031 the haspermission subroutine signature allowed for
passing 'undef' to mean 'any permission' in $flagsrequired. This feels
like a mistake and was only in practical use in two places in the
codebase.
This patch explicitly forbids this practice (`*` may be used to the same
result and is more explicit in its nature) and replaces the two
instances of its use.
Test Plan
1. Before this patch, the API tests are all failing with authentication
errors
2. After this patch the API tests should now all pass.
3. t/db_dependent/Auth/haspermission.t should continue to pass (with one
additional subtest added herein)
4. /svc/members/search is not unit tested. Please check that patron
searching still yields results in the UI after this patch.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds an SQL::Abstract inspired query syntax to the
haspermission method in C4::Auth. One can now pass Arrayrefs to denote
an OR list of flags, a Hashref to denote an AND list of flags.
Structures can be nested at arbitrary depth.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
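
The commit messages above describe a nested permission query (Arrayref = OR, Hashref = AND), `*` for "any permission", a top-level permission that covers all subpermissions, and `undef` no longer meaning "anything". The sketch below is an added example, not Koha's C4::Auth code, showing a fail-closed evaluator with those semantics; the `satisfied` helper, the `%granted` layout and the sample data are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed grants: 1 = top-level permission (covers every subpermission),
# hashref = only the listed subpermissions.
my %granted = (
    catalogue => 1,
    borrowers => { edit_borrowers => 1 },
);

# satisfied($have, $need) is a hypothetical helper, not Koha's API.
#   ARRAY ref => OR, HASH ref => AND, '*' => any permission, undef => denied
sub satisfied {
    my ( $have, $need ) = @_;
    return 0 unless defined $need && $have;    # fail closed, undef grants nothing
    if ( ref $need eq 'ARRAY' ) {
        return ( grep { satisfied( $have, $_ ) } @$need ) ? 1 : 0;
    }
    if ( ref $need eq 'HASH' ) {
        return 0 unless %$need;                # an empty AND must not grant access
        for my $key ( keys %$need ) {
            my $sub = ref $have ? $have->{$key} : $have;    # 1 covers every key
            return 0 unless satisfied( $sub, $need->{$key} );
        }
        return 1;
    }
    return 0 if ref $need;                     # unsupported structure
    return 1 unless ref $have;                 # top-level grant covers any name
    return $need eq '*' ? ( %$have ? 1 : 0 ) : ( $have->{$need} ? 1 : 0 );
}

# Constructed queries exercising each rule.
my @cases = (
    [ 'undef (old "anything")', undef ],
    [ q{'*'},                   '*' ],
    [ 'AND, both held',   { catalogue => 1, borrowers => 'edit_borrowers' } ],
    [ 'AND, one missing', { catalogue => 1, tools => '*' } ],
    [ 'OR, one held',     [ { borrowers => 'delete_borrowers' }, { catalogue => 1 } ] ],
    [ 'nested OR in AND', { borrowers => [ 'delete_borrowers', 'edit_borrowers' ] } ],
    [ 'subperm not held', { borrowers => 'delete_borrowers' } ],
);
for my $case (@cases) {
    my ( $label, $need ) = @$case;
    printf "%-24s %s\n", $label, satisfied( \%granted, $need ) ? 'allowed' : 'denied';
}
```
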
Test plan:
Run this new test.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
All tests successful. koha-qa.pl run OK.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>