Permalink
Browse files

Added access restriction for search fields and various other minor ch…

…anges.
  • Loading branch information...
ciyam committed Aug 2, 2012
1 parent ae1a8a2 commit 213096c624b887f314fd2ba7c1b33ecf5a39e8fa
View
@@ -1172,7 +1172,7 @@ specification_add -id=670009 {Type}_Is_Not_Normal_Numeric modifier_field_value "
specification_add -id=680009 {Type}_Is_Not_Auto_Rounded modifier_field_value "Type Is_Not_Auto_Rounded Auto_Round 0"
specification_add -id=600010 {Model}_Id_auto_inc parent_auto_int_inc "Model Id {Workgroup} Next_Model_Id"
specification_add -id=610010 {Model}_Next_Class_Id_default default_to_field "Model Next_Class_Id Id -append=C100 -for_store"
-specification_add -id=620010 {Model}_Next_Specification_Id_default default_to_field "Model Next_Specification_Id Id -append=S100 -for_store"
+specification_add -id=620010 {Model}_Next_Specification_Id_default default_to_field "Model Next_Specification_Id Id -append=S1000 -for_store"
specification_add -id=630010 {Model}_Next_List_Id_default default_to_field "Model Next_List_Id Id -append=L100 -for_store"
specification_add -id=640010 {Model}_Next_View_Id_default default_to_field "Model Next_View_Id Id -append=V100 -for_store"
specification_add -id=600011 {Model}_Source_File_file_link file_link "Model Name Source_File .cpp"
View
@@ -29321,7 +29321,7 @@
<pclass_id>
<pfield_id>
<sfield_id>105104
- <append_value>"S100"
+ <append_value>"S1000"
<for_store>true
</data>
</specification>
View
@@ -3564,30 +3564,31 @@ void Meta_Model::impl::impl_Generate( )
do
{
- if( get_obj( ).child_List( ).child_List_Field( ).Type( ).get_key( ) == "field" )
+ string extras;
+
+ if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) != 0 )
{
- string extras;
- if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) != 0 )
- {
- if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 1 )
- extras = "owner_only";
- else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 2 )
- extras = "admin_only";
- else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 3 )
- extras = "admin_owner_only";
- else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 4 )
- extras = "hidden";
- else
- throw runtime_error( "unexpected Access_Restriction value #"
- + to_string( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) )
- + " in Model::Generate" );
+ if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 1 )
+ extras = "owner_only";
+ else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 2 )
+ extras = "admin_only";
+ else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 3 )
+ extras = "admin_owner_only";
+ else if( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) == 4 )
+ extras = "hidden";
+ else
+ throw runtime_error( "unexpected Access_Restriction value #"
+ + to_string( get_obj( ).child_List( ).child_List_Field( ).Access_Restriction( ) )
+ + " in Model::Generate" );
- if( !is_null( get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ) ) )
- extras += "=!" + get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ).Id( );
- }
- else if( !is_null( get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ) ) )
- extras += "hidden=!" + get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ).Id( );
+ if( !is_null( get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ) ) )
+ extras += "=!" + get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ).Id( );
+ }
+ else if( !is_null( get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ) ) )
+ extras += "hidden=!" + get_obj( ).child_List( ).child_List_Field( ).Access_Permission( ).Id( );
+ if( get_obj( ).child_List( ).child_List_Field( ).Type( ).get_key( ) == "field" )
+ {
if( extras != "hidden" )
{
switch( get_obj( ).child_List( ).child_List_Field( ).Link_Restriction( ) )
@@ -4254,6 +4255,14 @@ void Meta_Model::impl::impl_Generate( )
string pextras( get_obj( ).child_List( ).child_List_Field( ).Restriction_Spec( ).Restrict_Values( ) );
bool is_restricted( !pextras.empty( ) );
+ if( !extras.empty( ) )
+ {
+ if( pextras.empty( ) )
+ pextras = extras;
+ else
+ pextras = extras + "+" + pextras;
+ }
+
// NOTE: It is being assumed here that the only reason for using a "static instance key" is for a "folder".
if( !is_null( get_obj( ).child_List( ).child_List_Field( ).Source_Parent( ) )
&& !is_null( get_obj( ).child_List( ).child_List_Field( ).Source_Parent( ).Parent_Class( ).Static_Instance_Key( ) ) )
@@ -4491,6 +4500,14 @@ void Meta_Model::impl::impl_Generate( )
p_field->Type( ).Time_Precision( ), p_field->Type( ).Show_Plus_Sign( ),
p_field->Type( ).Zero_Padding( ), p_field->Type( ).Int_Type( ), p_field->Type( ).Numeric_Type( ) ) );
+ if( !extras.empty( ) )
+ {
+ if( field_extras.empty( ) )
+ field_extras = extras;
+ else
+ field_extras = extras + "+" + field_extras;
+ }
+
if( get_obj( ).child_List( ).child_List_Field( ).Exact_Match_Only( ) )
{
if( !field_extras.empty( ) )
@@ -6183,7 +6200,7 @@ void Meta_Model::impl::for_store( bool is_create, bool is_internal )
// [(start default_to_field)]
if( is_create && ( get_obj( ).Next_Specification_Id( ) == gv_default_Next_Specification_Id ) )
- get_obj( ).Next_Specification_Id( get_obj( ).Id( ) + "S100" );
+ get_obj( ).Next_Specification_Id( get_obj( ).Id( ) + "S1000" );
// [(finish default_to_field)]
// [(start default_to_field)]
View
Binary file not shown.
@@ -1985,6 +1985,7 @@ bool `{`$full_class_name`}::impl::is_filtered( ) const
`@eq`(`'\1`'`,`'non_uid_filter`'`)\
`{`#non_uid_filter.spec.xrep section=is_filtered class_name=$class_name module_name=$module_name\
arg_name=\0 arg_id=$specification_\0_id arg_pclass=$specification_\0_pclass arg_cfield=$specification_\0_cfield`}
+### is_filtered
`}`]`}
// [<start is_filtered>]
`{`(`?`$user_source`)`#$user_source section=is_filtered`}
View
@@ -1849,7 +1849,7 @@ void request_handler::process_request( )
fieldlist += ",";
fieldlist += view.user_force_fields[ i ];
- if( !extra.empty( ) )
+ if( !fieldlist.empty( ) )
extra += ",";
extra += escaped( user_field_info[ view.user_force_fields[ i ] ], "," );
}
View
@@ -108,6 +108,33 @@ void append_hash_values_query_update( ostream& os,
os << "query_update( '" << c_param_hashval << "', hex_sha1( hash_values ).substring( 16, 24 ), true ); ";
}
+bool has_access( const string& extra, const session_info& sess_info, bool has_owner_parent )
+{
+ bool rc = true;
+
+ map< string, string > extras;
+ if( !extra.empty( ) )
+ parse_field_extra( extra, extras );
+
+ if( extras.count( c_field_extra_hidden )
+ && has_perm_extra( c_field_extra_hidden, extras, sess_info ) )
+ rc = false;
+
+ if( extras.count( c_field_extra_owner_only )
+ && !has_owner_parent && has_perm_extra( c_field_extra_owner_only, extras, sess_info ) )
+ rc = false;
+
+ if( extras.count( c_field_extra_admin_only )
+ && ( !sess_info.is_admin_user && has_perm_extra( c_field_extra_admin_only, extras, sess_info ) ) )
+ rc = false;
+
+ if( extras.count( c_field_extra_admin_owner_only )
+ && ( !has_owner_parent && !sess_info.is_admin_user && has_perm_extra( c_field_extra_admin_owner_only, extras, sess_info ) ) )
+ rc = false;
+
+ return rc;
+}
+
}
void setup_list_fields( list_source& list,
@@ -719,6 +746,9 @@ void output_list_form( ostream& os,
values skey_values;
for( size_t i = 0; i < ( source.lici->second )->parents.size( ); i++ )
{
+ if( !has_access( ( source.lici->second )->parents[ i ].extra, sess_info, has_owner_parent ) )
+ continue;
+
if( ( source.lici->second )->parents[ i ].operations.count( c_operation_select )
|| ( source.lici->second )->parents[ i ].operations.count( c_operation_select_child ) )
{
@@ -983,6 +1013,9 @@ void output_list_form( ostream& os,
for( size_t i = 0; i < ( source.lici->second )->restricts.size( ); i++ )
{
+ if( !has_access( ( source.lici->second )->restricts[ i ].extra, sess_info, has_owner_parent ) )
+ continue;
+
if( ( source.lici->second )->restricts[ i ].operations.count( c_operation_search ) )
{
string field_type( ( source.lici->second )->restricts[ i ].ftype );
@@ -1580,6 +1613,9 @@ void output_list_form( ostream& os,
for( size_t i = 0; i < ( source.lici->second )->parents.size( ); i++ )
{
+ if( !has_access( ( source.lici->second )->parents[ i ].extra, sess_info, has_owner_parent ) )
+ continue;
+
if( ( source.lici->second )->parents[ i ].operations.count( c_operation_link )
&& ( ( ( source.lici->second )->parents[ i ].operations.find( c_operation_link ) )->second.empty( )
|| sess_info.user_perms.count( ( source.lici->second )->parents[ i ].operations.find( c_operation_link )->second ) ) )
@@ -1663,6 +1699,9 @@ void output_list_form( ostream& os,
for( size_t i = 0; i < ( source.lici->second )->restricts.size( ); i++ )
{
+ if( !has_access( ( source.lici->second )->restricts[ i ].extra, sess_info, has_owner_parent ) )
+ continue;
+
if( ( source.lici->second )->restricts[ i ].operations.count( c_operation_link )
&& ( ( ( source.lici->second )->restricts[ i ].operations.find( c_operation_link ) )->second.empty( )
|| sess_info.user_perms.count( ( source.lici->second )->restricts[ i ].operations.find( c_operation_link )->second ) ) )
@@ -1969,6 +2008,9 @@ void output_list_form( ostream& os,
for( size_t i = 0; i < ( source.lici->second )->restricts.size( ); i++ )
{
+ if( !has_access( ( source.lici->second )->restricts[ i ].extra, sess_info, has_owner_parent ) )
+ continue;
+
if( ( source.lici->second )->restricts[ i ].operations.count( c_operation_select ) )
{
map< string, string > restrict_extras;
View
@@ -1716,10 +1716,14 @@ void determine_fixed_query_info( string& fixed_fields,
// NOTE: A "reverse" checked restriction will result in the list order being reversed.
bool reverse_checked = false;
- if( ( list.lici->second )->restricts[ i ].operations.count( c_operation_rchecked )
- || ( list.lici->second )->restricts[ i ].operations.count( c_operation_runchecked ) )
+ bool reverse_unchecked = false;
+
+ if( ( list.lici->second )->restricts[ i ].operations.count( c_operation_rchecked ) )
reverse_checked = true;
+ if( ( list.lici->second )->restricts[ i ].operations.count( c_operation_runchecked ) )
+ reverse_unchecked = true;
+
if( ( !unchecked && !list_selections.count( name ) )
|| ( list_selections.count( name ) && list_selections.find( name )->second == c_true ) )
{
@@ -1733,7 +1737,7 @@ void determine_fixed_query_info( string& fixed_fields,
}
else
{
- if( !reverse_checked )
+ if( !reverse_unchecked )
value = ( list.lici->second )->restricts[ i ].operations[ c_operation_unchecked ];
else
value = ( list.lici->second )->restricts[ i ].operations[ c_operation_runchecked ];
@@ -1760,6 +1764,9 @@ void determine_fixed_query_info( string& fixed_fields,
fixed_key_values += value;
}
+
+ if( reverse_unchecked )
+ is_reverse = !is_reverse;
}
else if( reverse_checked )
is_reverse = !is_reverse;
@@ -2,19 +2,16 @@
// [(start filter_field_value)]
`{`@eq`(`$arg_tfield`,`'`'`)\
`{`@eq`(`$arg_perm`,`'`'`)\
- if( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) )
+ if( get_obj( ).has_filter( "`{`$arg_id`}" ) // i.e. `{`$arg_name`}
`,\
if( !get_perms( ).count( "`{`$arg_perm`}" )
- && ( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) ) )
+ && get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
`}`,\
if( get_obj( ).`{`$arg_tfield`}( )
`{`!`@eq`(`$arg_perm`,`'`'`)\
&& !get_perms( ).count( "`{`$arg_perm`}" )
`}\
- && ( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) ) )
+ && get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
`}\
{
if( get_obj( ).`{`$arg_field`}( ) == `{`$arg_value`} )
@@ -1,6 +1,6 @@
`{`@eq`(`'is_filtered`'`,`$section`)\
// [(start filter_fk_in_uid_set)]
- if( !is_system_uid( ) && get_obj( ).has_filter( "`{`$arg_id`}" ) )
+ if( !is_system_uid( ) && get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
{
string key( get_obj( ).`{`$arg_spfield`}( ) );
@@ -1,8 +1,7 @@
`{`@eq`(`'is_filtered`'`,`$section`)\
// [(start filter_perm_restricted)]
if( !get_obj( ).`{`$arg_field`}( ).empty( )
- && ( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) ) )
+ && get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
{
if( !get_perms( ).count( get_obj( ).`{`$arg_field`}( ) ) )
return true;
@@ -1,7 +1,6 @@
`{`@eq`(`'is_filtered`'`,`$section`)\
// [(start filter_security_level)]
- if( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) )
+ if( get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
{
if( !has_sec_level( get_obj( ).`{`$arg_slevel`}( ) ) )
return true;
View
@@ -1,7 +1,6 @@
`{`@eq`(`'is_filtered`'`,`$section`)\
// [(start non_uid_filter)]
- if( get_obj( ).has_filter( "`{`$arg_id`}" )
- || get_obj( ).has_filter( "`{`$arg_name`}" ) )
+ if( get_obj( ).has_filter( "`{`$arg_id`}" ) ) // i.e. `{`$arg_name`}
{
`{`$module_name`}_`{`$arg_pclass`}* p_parent = dynamic_cast< `{`$module_name`}_`{`$arg_pclass`}* >( get_obj( ).get_graph_parent( ) );
View
@@ -8,7 +8,7 @@
guest_model
> perform_fetch 100 105100 guest_model "105101,105102,105103,105104,105105,105106,105107,105108,105109,105110,105111,105112,105113,105114"
-[guest_model =1.0 256 100:105100] Sample,0.1,2012,M001,M001C100,M001S100,M001L100,M001V100,,,,2,0,
+[guest_model =1.0 256 100:105100] Sample,0.1,2012,M001,M001C100,M001S1000,M001L100,M001V100,,,,2,0,
> perform_create guest 20120102 100 136100 guest_standard "136101=Standard,136107=Standard,302810=standard,302800=guest_model"
guest_standard
@@ -4,6 +4,7 @@
`{`!`@eq`(`$arg_tfield`,`'`'`)\
&& is_null( get_obj( ).`{`$arg_tfield`}( ) )
`}\
+ && get_obj( ).get_variable( "@total_child_field_in_parent" ).empty( )
&& ( !is_change_locked( get_obj( ).`{`$arg_pfield`}( ) )
|| is_update_locked_by_own_session( get_obj( ).`{`$arg_pfield`}( ) ) ) )
{
@@ -69,6 +70,7 @@
}
}
else if( !is_create
+ && get_obj( ).get_variable( "@total_child_field_in_parent" ).empty( )
`{`!`@eq`(`$arg_tfield`,`'`'`)\
&& ( get_obj( ).`{`$arg_tfield`}( ).has_changed( )
&& is_null( get_obj( ).get_original_field_value( c_field_id_`{`$arg_tfield`} ) ) )
@@ -82,9 +84,10 @@
class_base* p_parent = get_obj( ).get_graph_parent( );
- if( !p_parent || !p_parent->get_is_editing( )
+ if( !is_null( original.`{`$arg_pfield`}( ) )
+ && ( !p_parent || !p_parent->get_is_editing( )
|| p_parent->get_key( ) != original.`{`$arg_pfield`}( ).get_key( )
- || strcmp( p_parent->lock_class_id( ), original.`{`$arg_pfield`}( ).lock_class_id( ) ) )
+ || strcmp( p_parent->lock_class_id( ), original.`{`$arg_pfield`}( ).lock_class_id( ) ) ) )
{
original.`{`$arg_pfield`}( ).op_update( );
original.`{`$arg_pfield`}( ).`{`$arg_pnfield`}( original.`{`$arg_pfield`}( ).`{`$arg_pnfield`}( ) - original.`{`$arg_nfield`}( ) );
@@ -99,6 +102,7 @@
`{`@eq`(`'for_or_after_destroy`'`,`$section`)\
// [(start total_child_field_in_parent)]
if( !get_obj( ).get_is_being_cascaded( )
+ && get_obj( ).get_variable( "@total_child_field_in_parent" ).empty( )
`{`!`@eq`(`$arg_tfield`,`'`'`)\
&& is_null( get_obj( ).`{`$arg_tfield`}( ) )
`}\

0 comments on commit 213096c

Please sign in to comment.