[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: r486 - trunk/db/procs/umo_category_list
- To: uu@total-knowledge.com
- Subject: Re: r486 - trunk/db/procs/umo_category_list
- From: Alexey Parshin <sparx@total-knowledge.com>
- Date: Tue, 22 Sep 2009 14:30:18 +1000
- Delivered-to: mailing list uu@total-knowledge.com
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type; bh=9cxxa4+/geGoqJOeY+6urawsNpCCMC1I4c6aa818Ngc=; b=G48ipPBF+Nh6gzssPT10H0CcfhTcLsh+1d0u9sXwHdHf/EsASgIKTlmg+EP7x0Xtfl aqhwOMLgvkiCDufiuhTkazap5zq2BZe9/ygeT1GEmAJPJDz2UIbXGS+36QXSr+cWMerG xyAwsh4B6YLShSkLrVTatLru1FMHQtxZzLPt8=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type; b=WGBh13W9VXgSClUtFGOAmIfdFz+YguMY5mn9nVS2Yd6zZwxRq6qjt2OFycdx+3vCta ghc3KjLPnkdSFnml/yAglSPn6zffMDXWyjxOquwG+xC5a4jSYOi4Vl5vsGUvCt2zeoUk SI8rzTdcLkLxuL1czBOEAZjLnJlRdRh7sPWmQ=
- In-reply-to: <courier.000000004AB84999.00006F74@mail.total-knowledge.com>
- Mailing-list: contact uu-help@total-knowledge.com; run by ezmlm
- References: <courier.000000004AB84999.00006F74@mail.total-knowledge.com>
- Sender: alexeyp@gmail.com
Did you try running tests after these changes?
2009/9/22 <ilya@mail.total-knowledge.com>
> Author: ilya
> Date: 2009-09-21 20:50:48 -0700 (Mon, 21 Sep 2009)
> New Revision: 486
>
> Modified:
> trunk/db/procs/umo_category_list/umo_category_attach.sql
> trunk/db/procs/umo_category_list/umo_category_detach.sql
> Log:
> Check user access to umo, before modifying UMO<->Category associations
>
> Modified: trunk/db/procs/umo_category_list/umo_category_attach.sql
> ===================================================================
> --- trunk/db/procs/umo_category_list/umo_category_attach.sql 2009-09-21
> 19:28:55 UTC (rev 485)
> +++ trunk/db/procs/umo_category_list/umo_category_attach.sql 2009-09-22
> 03:50:48 UTC (rev 486)
> @@ -5,10 +5,21 @@
> ) RETURNS void AS $$
> DECLARE
> connection_id INT;
> + uv umo_version;
> BEGIN
> IF p_category_id = 1 THEN
> RAISE EXCEPTION 'Placing objects into root category is not permitted';
> END IF;
> + -- Check user access to the UMO
> + SELECT * INTO uv FROM umo_version
> + JOIN umo_base ON uv_id = ub_umo_latest_published;
> + IF uv.uv_id IS NULL THEN
> + RAISE EXCEPTION 'Can''t add unpublished objects to catalogue';
> + END IF;
> +
> + -- TODO: should we add 'MODIFY' as well?
> + PERFORM is_authorized(uv.uv_object_type, uv.uv_id, 'ADMINISTER');
> +
> BEGIN
> INSERT INTO umo_category_to_umo (uctu_umo_version,uctu_umo_category)
> VALUES(p_umo_base_id,p_category_id);
>
> Modified: trunk/db/procs/umo_category_list/umo_category_detach.sql
> ===================================================================
> --- trunk/db/procs/umo_category_list/umo_category_detach.sql 2009-09-21
> 19:28:55 UTC (rev 485)
> +++ trunk/db/procs/umo_category_list/umo_category_detach.sql 2009-09-22
> 03:50:48 UTC (rev 486)
> @@ -5,7 +5,17 @@
> ) RETURNS void AS $$
> DECLARE
> connection_id INT;
> + uv umo_version;
> BEGIN
> + -- Check user access to the UMO
> + SELECT * INTO uv FROM umo_version
> + JOIN umo_base ON uv_id = ub_umo_latest_published;
> + IF uv.uv_id IS NULL THEN
> + RAISE EXCEPTION 'Can''t remove unpublished objects from catalogue
> (they aren''t there anyways)';
> + END IF;
> +
> + -- TODO: should we add 'MODIFY' as well?
> + PERFORM is_authorized(uv.uv_object_type, uv.uv_id, 'ADMINISTER');
> DELETE FROM umo_category_to_umo
> WHERE uctu_umo_base = p_umo_base_id AND uctu_umo_category =
> p_category_id;
> RAISE NOTICE 'DETACHED umo category % from UMO id=%', p_umo_version_id,
> p_category_id;
>
>
--
Alexey Parshin,
http://www.sptk.net